Vulnerabilities > Juniper > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-19 | CVE-2022-22162 | Information Exposure Through an Error Message vulnerability in Juniper Junos A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to elevate these to the level of any other user logged in via J-Web at this time, potential leading to a full compromise of the device. | 7.8 |
| 2022-01-19 | CVE-2022-22170 | Missing Release of Resource after Effective Lifetime vulnerability in Juniper Junos A Missing Release of Resource after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause heap memory to leak and on exhaustion the PFE to reset. | 7.5 |
| 2022-01-19 | CVE-2022-22171 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause the PFE to reset. | 7.5 |
| 2022-01-19 | CVE-2022-22173 | Memory Leak vulnerability in Juniper Junos A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service (DoS). | 7.5 |
| 2022-01-19 | CVE-2022-22174 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos A vulnerability in the processing of inbound IPv6 packets in Juniper Networks Junos OS on QFX5000 Series and EX4600 switches may cause the memory to not be freed, leading to a packet DMA memory leak, and eventual Denial of Service (DoS) condition. | 7.5 |
| 2022-01-19 | CVE-2022-22175 | Improper Locking vulnerability in Juniper Junos An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated networked attacker to cause a flowprocessing daemon (flowd) crash and thereby a Denial of Service (DoS). | 7.5 |
| 2022-01-19 | CVE-2022-22177 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos 12.3/15.1/18.3 A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daemon causing a sustained Denial of Service (DoS) to the service until it is manually restarted. | 7.5 |
| 2022-01-19 | CVE-2022-22178 | Stack-based Buffer Overflow vulnerability in Juniper Junos A Stack-based Buffer Overflow vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on MX Series and SRX series allows an unauthenticated networked attacker to cause a flowd crash and thereby a Denial of Service (DoS). | 7.5 |
| 2022-01-19 | CVE-2022-22180 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos An Improper Check for Unusual or Exceptional Conditions vulnerability in the processing of specific IPv6 packets on certain EX Series devices may lead to exhaustion of DMA memory causing a Denial of Service (DoS). | 7.5 |
| 2021-10-19 | CVE-2021-0296 | Cleartext Transmission of Sensitive Information vulnerability in Juniper Ctpview 7.3/9.1 The Juniper Networks CTPView server is not enforcing HTTP Strict Transport Security (HSTS). | 7.4 |