Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-2349 | Command Injection vulnerability in Juniper Junos A command injection vulnerability in the IDP feature of Juniper Networks Junos OS on SRX series devices potentially allows a user with login access to the device to execute shell commands and elevate privileges. | 8.8 |
| 2017-07-17 | CVE-2017-2348 | Resource Exhaustion vulnerability in Juniper Junos The Juniper Enhanced jdhcpd daemon may experience high CPU utilization, or crash and restart upon receipt of an invalid IPv6 UDP packet. | 7.5 |
| 2017-07-17 | CVE-2017-2347 | Improper Input Validation vulnerability in Juniper Junos A denial of service vulnerability in rpd daemon of Juniper Networks Junos OS allows a malformed MPLS ping packet to crash the rpd daemon if MPLS OAM is configured. | 7.5 |
| 2017-07-17 | CVE-2017-2346 | Unspecified vulnerability in Juniper Junos An MS-MPC or MS-MIC Service PIC may crash when large fragmented packets are passed through an Application Layer Gateway (ALG). | 5.9 |
| 2017-07-17 | CVE-2017-2345 | Improper Input Validation vulnerability in Juniper Junos On Junos OS devices with SNMP enabled, a network based attacker with unfiltered access to the RE can cause the Junos OS snmpd daemon to crash and restart by sending a crafted SNMP packet. | 9.8 |
| 2017-07-17 | CVE-2017-2344 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Junos A routine within an internal Junos OS sockets library is vulnerable to a buffer overflow. | 7.8 |
| 2017-07-17 | CVE-2017-2343 | Use of Hard-coded Credentials vulnerability in Juniper Junos 12.3X48/15.1X49 The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to provide simple integration of user profiles on top of the existing firewall polices. | 9.8 |
| 2017-07-17 | CVE-2017-2342 | Unspecified vulnerability in Juniper Junos 15.1X49 MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series does not report errors when a secure link can not be established. low complexity juniper | 8.1 |
| 2017-07-17 | CVE-2017-2341 | Improper Authentication vulnerability in Juniper Junos An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. | 8.8 |
| 2017-07-17 | CVE-2017-2339 | Cross-site Scripting vulnerability in Juniper Screenos 6.3.0 A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. | 5.4 |