Vulnerabilities > Juniper > Low

DATE CVE VULNERABILITY TITLE RISK
2021-01-15 CVE-2021-0217 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos
A vulnerability in processing of certain DHCP packets from adjacent clients on EX Series and QFX Series switches running Juniper Networks Junos OS with DHCP local/relay server configured may lead to exhaustion of DMA memory causing a Denial of Service (DoS).
low complexity
juniper CWE-770
3.3
2021-01-15 CVE-2021-0220 Insufficiently Protected Credentials vulnerability in Juniper Junos Space
The Junos Space Network Management Platform has been found to store shared secrets in a recoverable format that can be exposed through the UI.
network
juniper CWE-522
3.5
2021-01-15 CVE-2021-0221 Infinite Loop vulnerability in Juniper Junos 17.3/17.4/18.1
In an EVPN/VXLAN scenario, if an IRB interface with a virtual gateway address (VGA) is configured on a PE, a traffic loop may occur upon receipt of specific IP multicast traffic.
2.9
2020-10-16 CVE-2020-1668 Unspecified vulnerability in Juniper Junos
On Juniper Networks EX2300 Series, receipt of a stream of specific multicast packets by the layer2 interface can cause high CPU load, which could lead to traffic interruption.
low complexity
juniper
3.3
2020-10-16 CVE-2020-1669 Insufficiently Protected Credentials vulnerability in Juniper Junos 19.4/20.1
The Juniper Device Manager (JDM) container, used by the disaggregated Junos OS architecture on Juniper Networks NFX350 Series devices, stores password hashes in the world-readable file /etc/passwd.
local
low complexity
juniper CWE-522
2.1
2020-10-16 CVE-2020-1670 Unspecified vulnerability in Juniper Junos
On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine (RE) high CPU load, which could lead to network protocol operation issue and traffic interruption.
low complexity
juniper
3.3
2020-10-16 CVE-2020-1678 Memory Leak vulnerability in Juniper Junos and Junos OS Evolved
On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak.
2.9
2020-10-16 CVE-2020-1682 Improper Input Validation vulnerability in Juniper Junos 15.1X49/17.4
An input validation vulnerability exists in Juniper Networks Junos OS, allowing an attacker to crash the srxpfe process, causing a Denial of Service (DoS) through the use of specific maintenance commands.
local
low complexity
juniper CWE-20
2.1
2020-10-16 CVE-2020-1687 Unspecified vulnerability in Juniper Junos
On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in (Ethernet VPN) EVPN-(Virtual Extensible LAN) VXLAN configuration, receipt of a stream of specific VXLAN encapsulated layer 2 frames can cause high CPU load, which could lead to network protocol operation issue and traffic interruption.
2.9
2020-10-16 CVE-2020-1688 Unspecified vulnerability in Juniper Junos
On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the shell may obtain the Web API service private key that is used to provide encrypted communication between the Juniper device and the authenticator services.
local
low complexity
juniper
2.1