Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-13 | CVE-2017-10612 | Cross-site Scripting vulnerability in Juniper Junos Space A persistent site scripting vulnerability in Juniper Networks Junos Space allows users who can change certain configuration to implant malicious Javascript or HTML which may be used to steal information or perform actions as other Junos Space users or administrators. | 6.0 |
| 2017-10-13 | CVE-2017-10611 | Unspecified vulnerability in Juniper Junos If extended statistics are enabled via 'set chassis extended-statistics', when executing any operation that fetches interface statistics, including but not limited to SNMP GET requests, the pfem process or the FPC may crash and restart. network juniper | 4.3 |
| 2017-10-13 | CVE-2017-10610 | Improper Input Validation vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49 On SRX Series devices, a crafted ICMP packet embedded within a NAT64 IPv6 to IPv4 tunnel may cause the flowd process to crash. | 4.3 |
| 2017-10-13 | CVE-2017-10608 | Resource Exhaustion vulnerability in Juniper Junos Any Juniper Networks SRX series device with one or more ALGs enabled may experience a flowd crash when traffic is processed by the Sun/MS-RPC ALGs. | 5.0 |
| 2017-10-13 | CVE-2017-10607 | Unspecified vulnerability in Juniper Junos 16.1 Juniper Networks Junos OS 16.1R1, and services releases based off of 16.1R1, are vulnerable to the receipt of a crafted BGP Protocol Data Unit (PDU) sent directly to the router, which can cause the RPD routing process to crash and restart. | 5.0 |
| 2017-10-13 | CVE-2017-10606 | Unspecified vulnerability in Juniper Trusted Platform Module Firmware 4.40 Version 4.40 of the TPM (Trusted Platform Module) firmware on Juniper Networks SRX300 Series has a weakness in generating cryptographic keys that may allow an attacker to decrypt sensitive information in SRX300 Series products. | 2.1 |
| 2017-10-13 | CVE-2016-4925 | Data Processing Errors vulnerability in Juniper Junose Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. | 5.0 |
| 2017-10-13 | CVE-2016-4924 | Permission Issues vulnerability in Juniper Junos 14.1/15.1 An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. | 1.7 |
| 2017-10-13 | CVE-2016-4923 | Cross-site Scripting vulnerability in Juniper Junos Insufficient cross site scripting protection in J-Web component in Juniper Networks Junos OS may potentially allow a remote unauthenticated user to inject web script or HTML and steal sensitive data and credentials from a J-Web session and to perform administrative actions on the Junos device. | 4.3 |
| 2017-10-13 | CVE-2016-4922 | Command Injection vulnerability in Juniper Junos Certain combinations of Junos OS CLI commands and arguments have been found to be exploitable in a way that can allow unauthorized access to the operating system. | 7.2 |