Vulnerabilities > Juniper > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-10 | CVE-2018-0013 | Information Exposure vulnerability in Juniper Junos Space A local file inclusion vulnerability in Juniper Networks Junos Space Network Management Platform may allow an authenticated user to retrieve files from the system. | 6.5 |
| 2018-01-10 | CVE-2018-0011 | Cross-site Scripting vulnerability in Juniper Junos Space A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device. | 5.4 |
| 2018-01-10 | CVE-2018-0010 | Improper Privilege Management vulnerability in Juniper Junos Space A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. | 6.5 |
| 2018-01-10 | CVE-2018-0009 | Unspecified vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49 On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. | 5.9 |
| 2018-01-10 | CVE-2018-0008 | Improper Authentication vulnerability in Juniper Junos An unauthenticated root login may allow upon reboot when a commit script is used. | 6.2 |
| 2018-01-10 | CVE-2018-0006 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition. | 5.3 |
| 2018-01-10 | CVE-2018-0004 | Resource Exhaustion vulnerability in Juniper Junos A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsystem when a specific command is issued to the device. | 6.5 |
| 2018-01-10 | CVE-2018-0003 | Unspecified vulnerability in Juniper Junos A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory. low complexity juniper | 6.5 |
| 2018-01-10 | CVE-2018-0002 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Junos On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash. | 5.9 |
| 2017-10-13 | CVE-2017-10621 | Resource Exhaustion vulnerability in Juniper Junos A denial of service vulnerability in telnetd service on Juniper Networks Junos OS allows remote unauthenticated attackers to cause a denial of service. | 5.3 |