Vulnerabilities > Juniper > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-10 | CVE-2018-0008 | Improper Authentication vulnerability in Juniper Junos An unauthenticated root login may allow upon reboot when a commit script is used. | 6.2 |
| 2018-01-10 | CVE-2018-0006 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition. | 5.3 |
| 2018-01-10 | CVE-2018-0004 | Resource Exhaustion vulnerability in Juniper Junos A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsystem when a specific command is issued to the device. | 6.5 |
| 2018-01-10 | CVE-2018-0003 | Unspecified vulnerability in Juniper Junos A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory. low complexity juniper | 6.5 |
| 2018-01-10 | CVE-2018-0002 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Junos On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash. | 5.9 |
| 2017-10-13 | CVE-2017-10621 | Resource Exhaustion vulnerability in Juniper Junos A denial of service vulnerability in telnetd service on Juniper Networks Junos OS allows remote unauthenticated attackers to cause a denial of service. | 5.3 |
| 2017-10-13 | CVE-2017-10618 | Unspecified vulnerability in Juniper Junos When the 'bgp-error-tolerance' feature â€" designed to help mitigate remote session resets from malformed path attributes â€" is enabled, a BGP UPDATE containing a specifically crafted set of transitive attributes can cause the RPD routing process to crash and restart. | 5.9 |
| 2017-10-13 | CVE-2017-10617 | XXE vulnerability in Juniper Contrail The ifmap service that comes bundled with Contrail has an XML External Entity (XXE) vulnerability that may allow an attacker to retrieve sensitive system files. | 5.0 |
| 2017-10-13 | CVE-2017-10616 | Use of Hard-coded Credentials vulnerability in Juniper Contrail The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. | 5.3 |
| 2017-10-13 | CVE-2017-10613 | Resource Exhaustion vulnerability in Juniper Junos A vulnerability in a specific loopback filter action command, processed in a specific logical order of operation, in a running configuration of Juniper Networks Junos OS, allows an attacker with CLI access and the ability to initiate remote sessions to the loopback interface with the defined action, to hang the kernel. | 5.5 |