Vulnerabilities > Juniper > Low

DATE CVE VULNERABILITY TITLE RISK
2020-04-08 CVE-2020-1625 Memory Leak vulnerability in Juniper Junos
The kernel memory usage represented as "temp" via 'show system virtual-memory' may constantly increase when Integrated Routing and Bridging (IRB) is configured with multiple underlay physical interfaces, and one interface flaps.
low complexity
juniper CWE-401
3.3
2020-04-08 CVE-2020-1630 Unspecified vulnerability in Juniper Junos
A privilege escalation vulnerability in Juniper Networks Junos OS devices configured with dual Routing Engines (RE), Virtual Chassis (VC) or high-availability cluster may allow a local authenticated low-privileged user with access to the shell to perform unauthorized configuration modification.
local
low complexity
juniper
2.1
2019-10-09 CVE-2019-0069 Cleartext Transmission of Sensitive Information vulnerability in Juniper Junos
On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device authentication are written to a log file in clear text.
local
low complexity
juniper CWE-319
2.1
2019-10-09 CVE-2019-0072 Insufficiently Protected Credentials vulnerability in Juniper SBR Carrier 8.4.1/8.5.0
An Unprotected Storage of Credentials vulnerability in the identity and access management certificate generation procedure allows a local attacker to gain access to confidential information.
local
low complexity
juniper CWE-522
2.1
2019-10-09 CVE-2019-0073 Improper Preservation of Permissions vulnerability in Juniper Junos
The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions.
local
low complexity
juniper CWE-281
2.1
2019-10-09 CVE-2019-0074 Path Traversal vulnerability in Juniper Junos
A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and PTX Series devices with Next-Generation Routing Engine (NG-RE) allows a local authenticated user to read sensitive system files.
local
low complexity
juniper CWE-22
2.1
2019-04-10 CVE-2019-0032 Credentials Management vulnerability in Juniper Service Insight and Service NOW
A password management issue exists where the Organization authentication username and password were stored in plaintext in log files.
local
low complexity
juniper CWE-255
2.1
2019-04-10 CVE-2019-0042 Unspecified vulnerability in Juniper Identity Management Service
Juniper Identity Management Service (JIMS) for Windows versions prior to 1.1.4 may send an incorrect message to associated SRX services gateways.
local
juniper
1.9
2019-01-15 CVE-2019-0004 Information Exposure vulnerability in Juniper Advanced Threat Prevention
On Juniper ATP, the API key and the device key are logged in a file readable by authenticated local users.
local
low complexity
juniper CWE-200
2.1
2019-01-15 CVE-2019-0009 Improper Input Validation vulnerability in Juniper Junos 15.1X53/18.1/18.2
On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE).
local
low complexity
juniper CWE-20
2.1