Vulnerabilities > Juniper > Low

DATE CVE VULNERABILITY TITLE RISK
2017-10-13 CVE-2016-4924 Permission Issues vulnerability in Juniper Junos 14.1/15.1
An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys.
local
low complexity
juniper CWE-275
1.7
2017-10-13 CVE-2017-10606 Unspecified vulnerability in Juniper Trusted Platform Module Firmware 4.40
Version 4.40 of the TPM (Trusted Platform Module) firmware on Juniper Networks SRX300 Series has a weakness in generating cryptographic keys that may allow an attacker to decrypt sensitive information in SRX300 Series products.
local
low complexity
juniper
2.1
2017-10-13 CVE-2017-10613 Resource Exhaustion vulnerability in Juniper Junos
A vulnerability in a specific loopback filter action command, processed in a specific logical order of operation, in a running configuration of Juniper Networks Junos OS, allows an attacker with CLI access and the ability to initiate remote sessions to the loopback interface with the defined action, to hang the kernel.
local
low complexity
juniper CWE-400
2.1
2017-07-17 CVE-2017-2335 Cross-site Scripting vulnerability in Juniper Screenos 6.3.0
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator.
network
juniper CWE-79
3.5
2017-07-17 CVE-2017-2336 Cross-site Scripting vulnerability in Juniper Screenos 6.3.0
A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator.
network
juniper CWE-79
3.5
2017-07-17 CVE-2017-2337 Cross-site Scripting vulnerability in Juniper Screenos 6.3.0
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator.
network
juniper CWE-79
3.5
2017-07-17 CVE-2017-2338 Cross-site Scripting vulnerability in Juniper Screenos 6.3.0
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator.
network
juniper CWE-79
3.5
2017-07-17 CVE-2017-2339 Cross-site Scripting vulnerability in Juniper Screenos 6.3.0
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator.
network
juniper CWE-79
3.5
2017-04-24 CVE-2017-2322 Resource Exhaustion vulnerability in Juniper Northstar Controller
A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services.
local
low complexity
juniper CWE-400
2.1
2017-04-24 CVE-2017-2316 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Northstar Controller
A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to cause a buffer overflow leading to a denial of service.
local
low complexity
juniper CWE-119
2.1