Vulnerabilities > Juniper > Qfx3500

DATE CVE VULNERABILITY TITLE RISK
2020-02-28 CVE-2015-3006 Insufficient Entropy vulnerability in Juniper Junos
On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates.
network
low complexity
juniper CWE-331
6.8
2019-01-15 CVE-2019-0014 Data Processing Errors vulnerability in Juniper Junos 17.2X75/17.4/18.2
On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down.
network
low complexity
juniper CWE-19
5.0
2019-01-15 CVE-2019-0003 Improper Input Validation vulnerability in Juniper Junos
When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, a reachable assertion failure occurs, causing the routing protocol daemon (rpd) process to crash with a core file being generated.
network
juniper CWE-20
4.3
2018-10-10 CVE-2018-0060 Improper Input Validation vulnerability in Juniper Junos
An improper input validation weakness in the device control daemon process (dcd) of Juniper Networks Junos OS allows an attacker to cause a Denial of Service to the dcd process and interfaces and connected clients when the Junos device is requesting an IP address for itself.
network
juniper CWE-20
4.3
2018-07-11 CVE-2018-0024 Improper Privilege Management vulnerability in Juniper Junos
An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system.
local
low complexity
juniper CWE-269
7.2
2017-05-30 CVE-2017-2304 Information Exposure vulnerability in Juniper Junos 14.1X53/15.1/15.1X53
Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices running Junos OS 14.1X53 prior to 14.1X53-D40, 15.1X53 prior to 15.1X53-D40, 15.1 prior to 15.1R2, do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets.
network
low complexity
juniper CWE-200
5.0
2016-04-15 CVE-2016-1274 Data Processing Errors vulnerability in Juniper Junos 14.1X53
Juniper Junos OS 14.1X53 before 14.1X53-D30 on QFX Series switches allows remote attackers to cause a denial of service (PFE panic) via a high rate of unspecified VXLAN packets.
network
low complexity
juniper CWE-19
7.8
2015-07-16 CVE-2015-5357 Resource Management Errors vulnerability in Juniper Junos 13.2X51/14.1X53
The Juniper EX4600, QFX3500, QFX3600, and QFX5100 switches with Junos 13.2X51-D15 through 13.2X51-D25, 13.2X51 before 13.2X51-D30, and 14.1X53 before 14.1X53-D10 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.
network
low complexity
juniper CWE-399
5.0