Vulnerabilities > Juniper > High

DATE CVE VULNERABILITY TITLE RISK
2018-10-10 CVE-2018-0058 Improper Input Validation vulnerability in Juniper Junos
Receipt of a specially crafted IPv6 exception packet may be able to trigger a kernel crash (vmcore), causing the device to reboot.
network
low complexity
juniper CWE-20
7.5
2018-10-10 CVE-2018-0052 Improper Authentication vulnerability in Juniper Junos
If RSH service is enabled on Junos OS and if the PAM authentication is disabled, a remote unauthenticated attacker can obtain root access to the device.
network
high complexity
juniper CWE-287
8.1
2018-10-10 CVE-2018-0049 NULL Pointer Dereference vulnerability in Juniper Junos
A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to cause the Junos OS kernel to crash.
network
low complexity
juniper CWE-476
7.5
2018-10-10 CVE-2018-0048 Resource Exhaustion vulnerability in Juniper Junos
A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device.
network
low complexity
juniper CWE-400
7.5
2018-10-10 CVE-2018-0045 Improper Input Validation vulnerability in Juniper Junos
Receipt of a specific Draft-Rosen MVPN control packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution.
low complexity
juniper CWE-20
8.8
2018-10-10 CVE-2018-0044 Improper Authentication vulnerability in Juniper Junos 18.1R2
An insecure SSHD configuration in Juniper Device Manager (JDM) and host OS on Juniper NFX Series devices may allow remote unauthenticated access if any of the passwords on the system are empty.
network
high complexity
juniper CWE-287
8.1
2018-10-10 CVE-2018-0043 Improper Input Validation vulnerability in Juniper Junos
Receipt of a specific MPLS packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution.
low complexity
juniper CWE-20
8.8
2018-08-18 CVE-2018-15505 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2.
network
low complexity
embedthis juniper CWE-476
7.5
2018-08-18 CVE-2018-15504 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2.
network
low complexity
embedthis juniper CWE-476
7.5
2018-07-11 CVE-2018-0032 Improper Input Validation vulnerability in Juniper Junos
The receipt of a crafted BGP UPDATE can lead to a routing process daemon (RPD) crash and restart.
network
low complexity
juniper CWE-20
7.5