Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-10 | CVE-2018-0005 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos 14.1X53/15.1/15.1X53 QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. | 8.8 |
| 2018-01-10 | CVE-2018-0004 | Resource Exhaustion vulnerability in Juniper Junos A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsystem when a specific command is issued to the device. | 6.5 |
| 2018-01-10 | CVE-2018-0003 | Unspecified vulnerability in Juniper Junos A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory. low complexity juniper | 6.5 |
| 2018-01-10 | CVE-2018-0002 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Junos On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash. | 5.9 |
| 2018-01-10 | CVE-2018-0001 | Use After Free vulnerability in Juniper Junos A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. | 9.8 |
| 2017-10-13 | CVE-2017-10624 | Insufficient Verification of Data Authenticity vulnerability in Juniper Junos Space Insufficient verification of node certificates in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to make unauthorized modifications to Space database or add nodes. | 7.5 |
| 2017-10-13 | CVE-2017-10623 | Improper Authentication vulnerability in Juniper Junos Space Lack of authentication and authorization of cluster messages in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to intercept, inject or disrupt Junos Space cluster operations between two nodes. | 8.1 |
| 2017-10-13 | CVE-2017-10622 | Improper Authentication vulnerability in Juniper Junos Space 16.1/17.1 An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. | 9.8 |
| 2017-10-13 | CVE-2017-10621 | Resource Exhaustion vulnerability in Juniper Junos A denial of service vulnerability in telnetd service on Juniper Networks Junos OS allows remote unauthenticated attackers to cause a denial of service. | 5.3 |
| 2017-10-13 | CVE-2017-10620 | Improper Certificate Validation vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49 Juniper Networks Junos OS on SRX series devices do not verify the HTTPS server certificate before downloading anti-virus updates. | 7.4 |