Vulnerabilities > Juniper > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-04-22 CVE-2021-0267 Improper Input Validation vulnerability in Juniper Junos
An Improper Input Validation vulnerability in the active-lease query portion in JDHCPD's DHCP Relay Agent of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending a crafted DHCP packet to the device thereby crashing the jdhcpd DHCP service.
low complexity
juniper CWE-20
6.5
2021-04-22 CVE-2021-0263 Unspecified vulnerability in Juniper Junos
A Data Processing vulnerability in the Multi-Service process (multi-svcs) on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service (DoS) condition .
network
high complexity
juniper
5.9
2021-04-22 CVE-2021-0262 Use After Free vulnerability in Juniper Junos 19.1/19.2/20.2
Through routine static code analysis of the Juniper Networks Junos OS software codebase, the Secure Development Life Cycle team identified a Use After Free vulnerability in PFE packet processing on the QFX10002-60C switching platform.
low complexity
juniper CWE-416
6.5
2021-04-22 CVE-2021-0258 Race Condition vulnerability in Juniper Junos
A vulnerability in the forwarding of transit TCPv6 packets received on the Ethernet management interface of Juniper Networks Junos OS allows an attacker to trigger a kernel panic, leading to a Denial of Service (DoS).
network
high complexity
juniper CWE-362
5.9
2021-04-22 CVE-2021-0257 Memory Leak vulnerability in Juniper Junos
On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPCs (Modular Port Concentrators) where Integrated Routing and Bridging (IRB) interfaces are configured and mapped to a VPLS instance or a Bridge-Domain, certain Layer 2 network events at Customer Edge (CE) devices may cause memory leaks in the MPC of Provider Edge (PE) devices which can cause an out of memory condition and MPC restart.
low complexity
juniper CWE-401
6.5
2021-04-22 CVE-2021-0256 Improper Privilege Management vulnerability in Juniper Junos
A sensitive information disclosure vulnerability in the mosquitto message broker of Juniper Networks Junos OS may allow a locally authenticated user with shell access the ability to read portions of sensitive files, such as the master.passwd file.
local
low complexity
juniper CWE-269
5.5
2021-04-22 CVE-2021-0247 Race Condition vulnerability in Juniper Junos
A Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization) vulnerability in the firewall process (dfwd) of Juniper Networks Junos OS allows an attacker to bypass the firewall rule sets applied to the input loopback filter on any interfaces of a device.
network
high complexity
juniper CWE-362
5.5
2021-04-22 CVE-2021-0243 Unspecified vulnerability in Juniper Junos
Improper Handling of Unexpected Data in the firewall policer of Juniper Networks Junos OS on EX4300 switches allows matching traffic to exceed set policer limits, possibly leading to a limited Denial of Service (DoS) condition.
low complexity
juniper
4.7
2021-04-22 CVE-2021-0242 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos
A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300 switches on Juniper Networks Junos OS allows an attacker sending specific unicast frames to trigger a Denial of Service (DoS) condition by exhausting DMA buffers, causing the FPC to crash and the device to restart.
low complexity
juniper CWE-770
6.5
2021-04-22 CVE-2021-0241 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos
On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a specific DHCPv6 packet is received, resulting in a restart of the daemon.
low complexity
juniper CWE-755
6.5