Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-13 | CVE-2017-10608 | Resource Exhaustion vulnerability in Juniper Junos Any Juniper Networks SRX series device with one or more ALGs enabled may experience a flowd crash when traffic is processed by the Sun/MS-RPC ALGs. | 7.5 |
| 2017-10-13 | CVE-2017-10607 | Unspecified vulnerability in Juniper Junos 16.1 Juniper Networks Junos OS 16.1R1, and services releases based off of 16.1R1, are vulnerable to the receipt of a crafted BGP Protocol Data Unit (PDU) sent directly to the router, which can cause the RPD routing process to crash and restart. | 7.5 |
| 2017-10-13 | CVE-2017-10606 | Unspecified vulnerability in Juniper Trusted Platform Module Firmware 4.40 Version 4.40 of the TPM (Trusted Platform Module) firmware on Juniper Networks SRX300 Series has a weakness in generating cryptographic keys that may allow an attacker to decrypt sensitive information in SRX300 Series products. | 4.4 |
| 2017-10-13 | CVE-2016-4925 | Data Processing Errors vulnerability in Juniper Junose Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. | 7.5 |
| 2017-10-13 | CVE-2016-4924 | Permission Issues vulnerability in Juniper Junos 14.1/15.1 An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. | 5.5 |
| 2017-10-13 | CVE-2016-4923 | Cross-site Scripting vulnerability in Juniper Junos Insufficient cross site scripting protection in J-Web component in Juniper Networks Junos OS may potentially allow a remote unauthenticated user to inject web script or HTML and steal sensitive data and credentials from a J-Web session and to perform administrative actions on the Junos device. | 6.1 |
| 2017-10-13 | CVE-2016-4922 | Command Injection vulnerability in Juniper Junos Certain combinations of Junos OS CLI commands and arguments have been found to be exploitable in a way that can allow unauthorized access to the operating system. | 7.8 |
| 2017-10-13 | CVE-2016-4921 | Resource Management Errors vulnerability in Juniper Junos By flooding a Juniper Networks router running Junos OS with specially crafted IPv6 traffic, all available resources can be consumed, leading to the inability to store next hop information for legitimate traffic. | 7.5 |
| 2017-10-13 | CVE-2016-1265 | Information Exposure vulnerability in Juniper Junos Space A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command injection attack vectors. | 9.8 |
| 2017-10-13 | CVE-2016-1261 | Cross-Site Request Forgery (CSRF) vulnerability in Juniper Junos J-Web does not validate certain input that may lead to cross-site request forgery (CSRF) issues or cause a denial of J-Web service (DoS). | 8.8 |