Vulnerabilities > Juniper > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-16 | CVE-2020-1677 | Insufficient Verification of Data Authenticity vulnerability in Juniper Mist Cloud UI When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle child elements in SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. | 4.3 |
| 2020-10-16 | CVE-2020-1676 | Unspecified vulnerability in Juniper Mist Cloud UI When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. network juniper | 4.3 |
| 2020-10-16 | CVE-2020-1675 | Improper Certificate Validation vulnerability in Juniper Mist Cloud UI When Security Assertion Markup Language (SAML) authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly process invalid authentication certificates which could allow a malicious network-based user to access unauthorized data. | 4.3 |
| 2020-10-16 | CVE-2020-1672 | Unspecified vulnerability in Juniper Junos On Juniper Networks Junos OS devices configured with DHCPv6 relay enabled, receipt of a specific DHCPv6 packet might crash the jdhcpd daemon. | 5.0 |
| 2020-10-16 | CVE-2020-1671 | Unspecified vulnerability in Juniper Junos 17.4/18.1/18.2 On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a malformed DHCPv6 packet is received, resulting with the restart of the daemon. | 5.0 |
| 2020-10-16 | CVE-2020-1667 | Race Condition vulnerability in Juniper Junos When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process might be bypassed due to a race condition. | 4.0 |
| 2020-10-16 | CVE-2020-1665 | Unspecified vulnerability in Juniper Junos On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial of Service (DDoS) protection might not take affect when it reaches the threshold condition. | 5.0 |
| 2020-10-16 | CVE-2020-1662 | Unspecified vulnerability in Juniper Junos On Juniper Networks Junos OS and Junos OS Evolved devices, BGP session flapping can lead to a routing process daemon (RPD) crash and restart, limiting the attack surface to configured BGP peers. network juniper | 4.3 |
| 2020-10-16 | CVE-2020-1661 | Unspecified vulnerability in Juniper Junos 12.3/15.1 On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon (jdhcp) process might crash when receiving a malformed DHCP packet. network juniper | 4.3 |
| 2020-10-16 | CVE-2020-1660 | Unspecified vulnerability in Juniper Junos When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may crash, causing the Services PIC to restart. network juniper | 6.8 |