Vulnerabilities > Juniper > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-11 | CVE-2018-0027 | Improper Input Validation vulnerability in Juniper Junos 16.1 Receipt of a crafted or malformed RSVP PATH message may cause the routing protocol daemon (RPD) to hang or crash. | 5.9 |
| 2018-04-11 | CVE-2018-0023 | Incorrect Default Permissions vulnerability in Juniper Jsnapy JSNAPy is an open source python version of Junos Snapshot Administrator developed by Juniper available through github. | 5.5 |
| 2018-04-11 | CVE-2018-0019 | Improper Input Validation vulnerability in Juniper Junos A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may allow a remote network based attacker to cause the mib2d process to crash resulting in a denial of service condition (DoS) for the SNMP subsystem. | 5.9 |
| 2018-04-11 | CVE-2018-0018 | Information Exposure vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49 On SRX Series devices during compilation of IDP policies, an attacker sending specially crafted packets may be able to bypass firewall rules, leading to information disclosure which an attacker may use to gain control of the target device or other internal devices, systems or services protected by the SRX Series device. | 5.9 |
| 2018-04-11 | CVE-2018-0017 | Improper Input Validation vulnerability in Juniper Junos A vulnerability in the Network Address Translation - Protocol Translation (NAT-PT) feature of Junos OS on SRX series devices may allow a certain valid IPv6 packet to crash the flowd daemon. | 6.5 |
| 2018-01-10 | CVE-2018-0014 | Information Exposure vulnerability in Juniper Screenos Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. | 6.5 |
| 2018-01-10 | CVE-2018-0013 | Information Exposure vulnerability in Juniper Junos Space A local file inclusion vulnerability in Juniper Networks Junos Space Network Management Platform may allow an authenticated user to retrieve files from the system. | 6.5 |
| 2018-01-10 | CVE-2018-0011 | Cross-site Scripting vulnerability in Juniper Junos Space A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device. | 5.4 |
| 2018-01-10 | CVE-2018-0010 | Improper Privilege Management vulnerability in Juniper Junos Space A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. | 6.5 |
| 2018-01-10 | CVE-2018-0009 | Unspecified vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49 On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. | 5.9 |