Vulnerabilities > Juniper > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-16 | CVE-2017-3145 | Use After Free vulnerability in multiple products BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. | 7.5 |
| 2019-01-15 | CVE-2019-0030 | Use of Password Hash With Insufficient Computational Effort vulnerability in Juniper Advanced Threat Prevention Firmware 5.0.0/5.0.1/5.0.2 Juniper ATP uses DES and a hardcoded salt for password hashing, allowing for trivial de-hashing of the password file contents. | 7.2 |
| 2019-01-15 | CVE-2019-0029 | Information Exposure Through Log Files vulnerability in Juniper Advanced Threat Prevention Juniper ATP Series Splunk credentials are logged in a file readable by authenticated local users. | 7.8 |
| 2019-01-15 | CVE-2019-0017 | Unrestricted Upload of File with Dangerous Type vulnerability in Juniper Junos Space The Junos Space application, which allows Device Image files to be uploaded, has insufficient validity checking which may allow uploading of malicious images or scripts, or other content types. | 8.8 |
| 2019-01-15 | CVE-2019-0014 | Data Processing Errors vulnerability in Juniper Junos 17.2X75/17.4/18.2 On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down. | 7.5 |
| 2019-01-15 | CVE-2019-0013 | Data Processing Errors vulnerability in Juniper Junos The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received. | 7.5 |
| 2019-01-15 | CVE-2019-0012 | Unspecified vulnerability in Juniper Junos A Denial of Service (DoS) vulnerability in BGP in Juniper Networks Junos OS configured as a VPLS PE allows an attacker to craft a specific BGP message to cause the routing protocol daemon (rpd) process to crash and restart. | 7.5 |
| 2019-01-15 | CVE-2019-0010 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49 An SRX Series Service Gateway configured for Unified Threat Management (UTM) may experience a system crash with the error message "mbuf exceed" -- an indication of memory buffer exhaustion -- due to the receipt of crafted HTTP traffic. | 7.5 |
| 2019-01-15 | CVE-2019-0001 | Uncontrolled Recursion vulnerability in multiple products Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon (bbe-smgd), and lead to high CPU usage and a crash of the bbe-smgd service. | 7.5 |
| 2018-10-10 | CVE-2018-0062 | Improper Input Validation vulnerability in Juniper Junos A Denial of Service vulnerability in J-Web service may allow a remote unauthenticated user to cause Denial of Service which may prevent other users to authenticate or to perform J-Web operations. | 7.5 |