Vulnerabilities > Juniper > Low

DATE CVE VULNERABILITY TITLE RISK
2021-10-19 CVE-2021-31370 Unspecified vulnerability in Juniper Junos
An Incomplete List of Disallowed Inputs vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an adjacent unauthenticated attacker which sends a high rate of specific multicast traffic to cause control traffic received from the network to be dropped.
low complexity
juniper
3.3
2021-10-19 CVE-2021-31367 Memory Leak vulnerability in Juniper Junos
A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows an adjacent attacker to cause a Denial of Service (DoS) by sending genuine BGP flowspec packets which cause an FPC heap memory leak.
2.9
2021-10-19 CVE-2021-31366 Unchecked Return Value vulnerability in Juniper Junos
An Unchecked Return Value vulnerability in the authd (authentication daemon) of Juniper Networks Junos OS on MX Series configured for subscriber management / BBE allows an adjacent attacker to cause a crash by sending a specific username.
low complexity
juniper CWE-252
3.3
2021-10-19 CVE-2021-31365 Resource Exhaustion vulnerability in Juniper Junos
An Uncontrolled Resource Consumption vulnerability in Juniper Networks Junos OS on EX2300, EX3400 and EX4300 Series platforms allows an adjacent attacker sending a stream of layer 2 frames will trigger an Aggregated Ethernet (AE) interface to go down and thereby causing a Denial of Service (DoS).
2.9
2021-10-19 CVE-2021-31363 Infinite Loop vulnerability in Juniper Junos and Junos OS Evolved
In an MPLS P2MP environment a Loop with Unreachable Exit Condition vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause high load on RPD which in turn may lead to routing protocol flaps.
low complexity
juniper CWE-835
3.3
2021-10-19 CVE-2021-31362 Unspecified vulnerability in Juniper Junos
A Protection Mechanism Failure vulnerability in RPD (routing protocol daemon) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause established IS-IS adjacencies to go down by sending a spoofed hello PDU leading to a Denial of Service (DoS) condition.
low complexity
juniper
3.3
2021-10-19 CVE-2021-31355 Cross-site Scripting vulnerability in Juniper Junos
A persistent cross-site scripting (XSS) vulnerability in the captive portal graphical user interface of Juniper Networks Junos OS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device.
network
juniper CWE-79
3.5
2021-07-15 CVE-2021-0295 Incorrect Comparison vulnerability in Juniper Junos
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks Junos OS on the QFX10K Series switches allows an attacker to trigger a packet forwarding loop, leading to a partial Denial of Service (DoS).
2.9
2021-07-15 CVE-2021-0293 Memory Leak vulnerability in Juniper Junos
A vulnerability in Juniper Networks Junos OS caused by Missing Release of Memory after Effective Lifetime leads to a memory leak each time the CLI command 'show system connections extensive' is executed.
local
low complexity
juniper CWE-401
2.1
2021-07-15 CVE-2021-0292 Resource Exhaustion vulnerability in Juniper Junos OS Evolved 19.4/20.1/20.2
An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service (DoS) condition.
low complexity
juniper CWE-400
3.3