Vulnerabilities > Juniper > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-11 CVE-2018-0030 Resource Exhaustion vulnerability in Juniper Junos
Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) line cards or PTX1K to crash and restart.
network
low complexity
juniper CWE-400
7.5
2018-07-11 CVE-2018-0026 Unspecified vulnerability in Juniper Junos 15.1/15.1X8
After Junos OS device reboot or upgrade, the stateless firewall filter configuration may not take effect.
network
low complexity
juniper
7.5
2018-07-11 CVE-2018-0025 Unspecified vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49
When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a man-in-the-middle attack or by authentic servers subverted by malicious actors.
network
high complexity
juniper
8.1
2018-07-11 CVE-2018-0024 Improper Privilege Management vulnerability in Juniper Junos
An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system.
local
low complexity
juniper CWE-269
7.8
2018-04-11 CVE-2018-0022 Resource Exhaustion vulnerability in Juniper Junos
A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS packet.
network
low complexity
juniper CWE-400
7.5
2018-04-11 CVE-2018-0021 Unspecified vulnerability in Juniper Junos
If all 64 digits of the connectivity association name (CKN) key or all 32 digits of the connectivity association key (CAK) key are not configured, all remaining digits will be auto-configured to 0.
low complexity
juniper
8.8
2018-04-11 CVE-2018-0020 Improper Input Validation vulnerability in Juniper Junos
Junos OS may be impacted by the receipt of a malformed BGP UPDATE which can lead to a routing process daemon (rpd) crash and restart.
network
low complexity
juniper CWE-20
7.5
2018-04-11 CVE-2018-0016 Unspecified vulnerability in Juniper Junos
Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution.
network
high complexity
juniper
7.5
2018-02-22 CVE-2018-0015 Missing Authorization vulnerability in Juniper Appformix
A malicious user with unrestricted access to the AppFormix application management platform may be able to access a Python debug console and execute system commands with root privilege.
network
high complexity
juniper CWE-862
7.5
2018-01-10 CVE-2018-0012 Unspecified vulnerability in Juniper Junos Space
Junos Space is affected by a privilege escalation vulnerability that may allow a local authenticated attacker to gain root privileges.
local
low complexity
juniper
7.8