Vulnerabilities > Juniper > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-08 | CVE-2020-1628 | Unspecified vulnerability in Juniper Junos Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. | 5.3 |
| 2020-04-08 | CVE-2020-1625 | Memory Leak vulnerability in Juniper Junos The kernel memory usage represented as "temp" via 'show system virtual-memory' may constantly increase when Integrated Routing and Bridging (IRB) is configured with multiple underlay physical interfaces, and one interface flaps. | 6.5 |
| 2020-04-08 | CVE-2020-1624 | Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved 18.3/19.1 A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via raw objmon configuration files. | 5.5 |
| 2020-04-08 | CVE-2020-1623 | Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved 18.3/19.1/19.2 A local, authenticated user with shell can view sensitive configuration information via the ev.ops configuration file. | 5.5 |
| 2020-04-08 | CVE-2020-1622 | Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved 18.3/19.1 A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via the EvoSharedObjStore. | 5.5 |
| 2020-04-08 | CVE-2020-1621 | Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved A local, authenticated user with shell can obtain the hashed values of login passwords via configd traces. | 5.5 |
| 2020-04-08 | CVE-2020-1620 | Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved A local, authenticated user with shell can obtain the hashed values of login passwords via configd streamer log. | 5.5 |
| 2020-04-08 | CVE-2020-1619 | Unspecified vulnerability in Juniper Junos A privilege escalation vulnerability in Juniper Networks QFX10K Series, EX9200 Series, MX Series, and PTX Series with Next-Generation Routing Engine (NG-RE), allows a local authenticated high privileged user to access the underlying WRL host. | 6.7 |
| 2020-04-08 | CVE-2020-1618 | Improper Authentication vulnerability in Juniper Junos On Juniper Networks EX and QFX Series, an authentication bypass vulnerability may allow a user connected to the console port to login as root without any password. | 6.8 |
| 2020-04-08 | CVE-2020-1616 | Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper products Due to insufficient server-side login attempt limit enforcement, a vulnerability in the SSH login service of Juniper Networks Juniper Advanced Threat Prevention (JATP) Series and Virtual JATP (vJATP) devices allows an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured login attempt limit. | 5.3 |