Vulnerabilities > Juniper > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-15 | CVE-2021-0202 | Memory Leak vulnerability in Juniper Junos On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge (CE) device may cause memory leak in the MPC which can cause an out of memory and MPC restarts. | 7.5 |
| 2020-10-16 | CVE-2020-1686 | Unspecified vulnerability in Juniper Junos On Juniper Networks Junos OS devices, receipt of a malformed IPv6 packet may cause the system to crash and restart (vmcore). | 7.5 |
| 2020-10-16 | CVE-2020-1684 | Unspecified vulnerability in Juniper Junos On Juniper Networks SRX Series configured with application identification inspection enabled, receipt of specific HTTP traffic can cause high CPU load utilization, which could lead to traffic interruption. | 7.5 |
| 2020-10-16 | CVE-2020-1683 | Memory Leak vulnerability in Juniper Junos On Juniper Networks Junos OS devices, a specific SNMP OID poll causes a memory leak which over time leads to a kernel crash (vmcore). | 7.5 |
| 2020-10-16 | CVE-2020-1679 | Unspecified vulnerability in Juniper Junos On Juniper Networks PTX and QFX Series devices with packet sampling configured using tunnel-observation mpls-over-udp, sampling of a malformed packet can cause the Kernel Routing Table (KRT) queue to become stuck. | 7.5 |
| 2020-10-16 | CVE-2020-1677 | Insufficient Verification of Data Authenticity vulnerability in Juniper Mist Cloud UI When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle child elements in SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. | 7.2 |
| 2020-10-16 | CVE-2020-1676 | Unspecified vulnerability in Juniper Mist Cloud UI When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. | 7.2 |
| 2020-10-16 | CVE-2020-1675 | Improper Certificate Validation vulnerability in Juniper Mist Cloud UI When Security Assertion Markup Language (SAML) authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly process invalid authentication certificates which could allow a malicious network-based user to access unauthorized data. | 8.3 |
| 2020-10-16 | CVE-2020-1673 | Cross-site Scripting vulnerability in Juniper Junos Insufficient Cross-Site Scripting (XSS) protection in Juniper Networks J-Web and web based (HTTP/HTTPS) services allows an unauthenticated attacker to hijack the target user's HTTP/HTTPS session and perform administrative actions on the Junos device as the targeted user. | 8.8 |
| 2020-10-16 | CVE-2020-1672 | Unspecified vulnerability in Juniper Junos On Juniper Networks Junos OS devices configured with DHCPv6 relay enabled, receipt of a specific DHCPv6 packet might crash the jdhcpd daemon. | 7.5 |