Vulnerabilities > Juniper > Low

DATE CVE VULNERABILITY TITLE RISK
2021-04-22 CVE-2021-0241 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos
On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a specific DHCPv6 packet is received, resulting in a restart of the daemon.
low complexity
juniper CWE-755
3.3
2021-04-22 CVE-2021-0243 Unspecified vulnerability in Juniper Junos 17.3/17.4/18.1
Improper Handling of Unexpected Data in the firewall policer of Juniper Networks Junos OS on EX4300 switches allows matching traffic to exceed set policer limits, possibly leading to a limited Denial of Service (DoS) condition.
low complexity
juniper
3.3
2021-04-22 CVE-2021-0256 Improper Privilege Management vulnerability in Juniper Junos 17.3/17.4/18.1
A sensitive information disclosure vulnerability in the mosquitto message broker of Juniper Networks Junos OS may allow a locally authenticated user with shell access the ability to read portions of sensitive files, such as the master.passwd file.
local
low complexity
juniper CWE-269
2.1
2021-04-22 CVE-2021-0257 Memory Leak vulnerability in Juniper Junos
On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPCs (Modular Port Concentrators) where Integrated Routing and Bridging (IRB) interfaces are configured and mapped to a VPLS instance or a Bridge-Domain, certain Layer 2 network events at Customer Edge (CE) devices may cause memory leaks in the MPC of Provider Edge (PE) devices which can cause an out of memory condition and MPC restart.
low complexity
juniper CWE-401
3.3
2021-04-22 CVE-2021-0259 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos 17.3/17.4/18.1
Due to a vulnerability in DDoS protection in Juniper Networks Junos OS and Junos OS Evolved on QFX5K Series switches in a VXLAN configuration, instability might be experienced in the underlay network as a consequence of exceeding the default ddos-protection aggregate threshold.
low complexity
juniper CWE-755
3.3
2021-04-22 CVE-2021-0262 Use After Free vulnerability in Juniper Junos 19.1/19.2/20.2
Through routine static code analysis of the Juniper Networks Junos OS software codebase, the Secure Development Life Cycle team identified a Use After Free vulnerability in PFE packet processing on the QFX10002-60C switching platform.
low complexity
juniper CWE-416
3.3
2021-04-22 CVE-2021-0267 Improper Input Validation vulnerability in Juniper Junos
An Improper Input Validation vulnerability in the active-lease query portion in JDHCPD's DHCP Relay Agent of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending a crafted DHCP packet to the device thereby crashing the jdhcpd DHCP service.
low complexity
juniper CWE-20
3.3
2021-04-22 CVE-2021-0271 Double Free vulnerability in Juniper Junos 12.3/15.1
A Double Free vulnerability in the software forwarding interface daemon (sfid) process of Juniper Networks Junos OS allows an adjacently-connected attacker to cause a Denial of Service (DoS) by sending a crafted ARP packet to the device.
low complexity
juniper CWE-415
3.3
2021-01-15 CVE-2021-0208 Improper Input Validation vulnerability in Juniper Junos 15.1X49/17.3/17.4
An improper input validation vulnerability in the Routing Protocol Daemon (RPD) service of Juniper Networks Junos OS allows an attacker to send a malformed RSVP packet when bidirectional LSPs are in use, which when received by an egress router crashes the RPD causing a Denial of Service (DoS) condition.
low complexity
juniper CWE-20
3.3
2021-01-15 CVE-2021-0215 Memory Leak vulnerability in Juniper Junos
On Juniper Networks Junos EX series, QFX Series, MX Series and SRX branch series devices, a memory leak occurs every time the 802.1X authenticator port interface flaps which can lead to other processes, such as the pfex process, responsible for packet forwarding, to crash and restart.
2.9