Vulnerabilities > Juniper > High

DATE CVE VULNERABILITY TITLE RISK
2021-07-15 CVE-2021-0278 Improper Input Validation vulnerability in Juniper Junos
An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device.
local
low complexity
juniper CWE-20
7.8
2021-07-15 CVE-2021-0281 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos
On Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI) receipt of a specific packet from the RPKI cache server may cause routing process daemon (RPD) to crash and restart, creating a Denial of Service (DoS) condition.
network
low complexity
juniper CWE-754
7.5
2021-04-22 CVE-2021-0264 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos and Junos OS Evolved
A vulnerability in the processing of traffic matching a firewall filter containing a syslog action in Juniper Networks Junos OS on MX Series with MPC10/MPC11 cards installed, PTX10003 and PTX10008 Series devices, will cause the line card to crash and restart, creating a Denial of Service (DoS).
network
low complexity
juniper CWE-755
7.5
2021-04-22 CVE-2021-0255 Improper Privilege Management vulnerability in Juniper Junos
A local privilege escalation vulnerability in ethtraceroute of Juniper Networks Junos OS may allow a locally authenticated user with shell access to escalate privileges and write to the local filesystem as root.
local
low complexity
juniper CWE-269
7.8
2021-04-22 CVE-2021-0253 Unspecified vulnerability in Juniper Junos
NFX Series devices using Juniper Networks Junos OS are susceptible to a local command execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process.
local
low complexity
juniper
7.8
2021-04-22 CVE-2021-0252 Unspecified vulnerability in Juniper Junos
NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process.
local
low complexity
juniper
7.8
2021-04-22 CVE-2021-0232 Authentication Bypass by Spoofing vulnerability in multiple products
An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control Center may allow an attacker with specific information about the deployment to mimic an already registered Test Agent and access its configuration including associated inventory details.
network
high complexity
juniper fedoraproject CWE-290
7.4
2021-04-22 CVE-2021-0230 Memory Leak vulnerability in Juniper Junos
On Juniper Networks SRX Series devices with link aggregation (lag) configured, executing any operation that fetches Aggregated Ethernet (AE) interface statistics, including but not limited to SNMP GET requests, causes a slow kernel memory leak.
network
low complexity
juniper CWE-401
7.5
2021-04-22 CVE-2021-0226 Improper Initialization vulnerability in Juniper Junos OS Evolved 20.1/20.2/20.3
On Juniper Networks Junos OS Evolved devices, receipt of a specific IPv6 packet may cause an established IPv6 BGP session to terminate, creating a Denial of Service (DoS) condition.
network
low complexity
juniper CWE-665
7.5
2020-10-16 CVE-2020-1684 Unspecified vulnerability in Juniper Junos
On Juniper Networks SRX Series configured with application identification inspection enabled, receipt of specific HTTP traffic can cause high CPU load utilization, which could lead to traffic interruption.
network
low complexity
juniper
7.5