Vulnerabilities > Juniper > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-19 | CVE-2021-31352 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Juniper Session and Resource Control An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which could allow a remote attacker to obtain sensitive information. | 5.3 |
| 2021-10-19 | CVE-2021-31353 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos and Junos OS Evolved An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). | 5.0 |
| 2021-10-19 | CVE-2021-31354 | Out-of-bounds Read vulnerability in Juniper Junos An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager) may allow an attacker to cause a partial Denial of Service (DoS), or lead to remote code execution (RCE). | 5.4 |
| 2021-10-19 | CVE-2021-31361 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos An Improper Check for Unusual or Exceptional Conditions vulnerability combined with Improper Handling of Exceptional Conditions in Juniper Networks Junos OS on QFX Series and PTX Series allows an unauthenticated network based attacker to cause increased FPC CPU utilization by sending specific IP packets which are being VXLAN encapsulated leading to a partial Denial of Service (DoS). | 5.3 |
| 2021-10-19 | CVE-2021-31364 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos An Improper Check for Unusual or Exceptional Conditions vulnerability combined with a Race Condition in the flow daemon (flowd) of Juniper Networks Junos OS on SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2 allows an unauthenticated network based attacker sending specific traffic to cause a crash of the flowd/srxpfe process, responsible for traffic forwarding in SRX, which will cause a Denial of Service (DoS). | 4.3 |
| 2021-10-19 | CVE-2021-31369 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos On MX Series platforms with MS-MPC/MS-MIC, an Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated network attacker to cause a partial Denial of Service (DoS) with a high rate of specific traffic. | 4.3 |
| 2021-10-19 | CVE-2021-31371 | Unspecified vulnerability in Juniper Junos Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. | 5.0 |
| 2021-10-19 | CVE-2021-31374 | Unspecified vulnerability in Juniper Junos 17.3/17.4/18.1 On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE or KEEPALIVE message can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). | 5.0 |
| 2021-10-19 | CVE-2021-31375 | Unspecified vulnerability in Juniper Junos An Improper Input Validation vulnerability in routing process daemon (RPD) of Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI), allows an attacker to send a specific BGP update which may cause RPKI policy-checks to be bypassed. | 5.3 |
| 2021-10-19 | CVE-2021-31376 | Improper Input Validation vulnerability in Juniper Junos 18.4 An Improper Input Validation vulnerability in Packet Forwarding Engine manager (FXPC) process of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending specific DHCPv6 packets to the device and crashing the FXPC service. | 5.0 |