Vulnerabilities > Juniper > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-09 | CVE-2019-0074 | Path Traversal vulnerability in Juniper Junos A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and PTX Series devices with Next-Generation Routing Engine (NG-RE) allows a local authenticated user to read sensitive system files. | 5.5 |
| 2019-10-09 | CVE-2019-0072 | Insufficiently Protected Credentials vulnerability in Juniper SBR Carrier 8.4.1/8.5.0 An Unprotected Storage of Credentials vulnerability in the identity and access management certificate generation procedure allows a local attacker to gain access to confidential information. | 5.5 |
| 2019-10-09 | CVE-2019-0069 | Cleartext Transmission of Sensitive Information vulnerability in Juniper Junos On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device authentication are written to a log file in clear text. | 5.5 |
| 2019-10-09 | CVE-2019-0067 | Unspecified vulnerability in Juniper Junos 16.1/16.2/17.1 Receipt of a specific link-local IPv6 packet destined to the RE may cause the system to crash and restart (vmcore). low complexity juniper | 6.5 |
| 2019-07-22 | CVE-2019-1010232 | Out-of-bounds Write vulnerability in Juniper Libslax 0.22.0 Juniper juniper/libslax libslax latest version (as of commit 084ddf6ab4a55b59dfa9a53f9c5f14d192c4f8e5 Commits on Sep 1, 2018) is affected by: Buffer Overflow. | 6.5 |
| 2019-07-11 | CVE-2019-0048 | Unspecified vulnerability in Juniper Junos On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high priority. | 5.8 |
| 2019-07-11 | CVE-2019-0046 | Resource Exhaustion vulnerability in Juniper Junos A vulnerability in the pfe-chassisd Chassis Manager (CMLC) daemon of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the EX4300 when specific valid broadcast packets create a broadcast storm condition when received on the me0 interface of the EX4300 Series device. | 6.5 |
| 2019-04-20 | CVE-2019-11358 | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. | 6.1 |
| 2019-04-10 | CVE-2019-0042 | Unspecified vulnerability in Juniper Identity Management Service Juniper Identity Management Service (JIMS) for Windows versions prior to 1.1.4 may send an incorrect message to associated SRX services gateways. high complexity juniper | 4.2 |
| 2019-04-10 | CVE-2019-0038 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services gateway may create a denial of service (DoS) condition due to buffer space exhaustion. | 6.5 |