Vulnerabilities > Juniper > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-24 | CVE-2017-2330 | Excessive Iteration vulnerability in Juniper Northstar Controller 2.1.0 A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, local user, to create a fork bomb scenario, also known as a rabbit virus, or wabbit, which will create processes that replicate themselves, until all resources are consumed on the system, leading to a denial of service to the entire system until it is restarted. | 6.2 |
| 2017-04-24 | CVE-2017-2329 | Improper Authentication vulnerability in Juniper Northstar Controller 2.1.0 An insufficient authentication vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, user to execute certain specific unprivileged system files capable of causing widespread denials of system services. | 6.2 |
| 2017-04-24 | CVE-2017-2328 | Information Exposure vulnerability in Juniper Northstar Controller 2.1.0 An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, user to elevate their permissions through reading unprivileged information stored in the NorthStar controller. | 5.5 |
| 2017-04-24 | CVE-2017-2327 | Resource Exhaustion vulnerability in Juniper Northstar Controller 2.1.0 A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to consume large amounts of system resources leading to a cascading denial of services. | 5.5 |
| 2017-04-24 | CVE-2017-2326 | Information Exposure vulnerability in Juniper Northstar Controller 2.1.0 An information disclosure vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, network-based attacker to replicate the underlying Junos OS VM and all data it maintains to their local system for future analysis. | 6.5 |
| 2017-04-24 | CVE-2017-2325 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Northstar Controller 2.1.0 A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to cause a buffer overflow leading to a denial of service. | 6.5 |
| 2017-04-24 | CVE-2017-2324 | Command Injection vulnerability in Juniper Northstar Controller 2.1.0 A command injection vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to cause a denial of service condition. | 5.3 |
| 2017-04-24 | CVE-2017-2318 | Information Exposure vulnerability in Juniper Northstar Controller 2.1.0 A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to read log files which will compromise the integrity of the system, or provide elevation of privileges. | 6.5 |
| 2017-04-24 | CVE-2017-2316 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Northstar Controller 2.1.0 A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to cause a buffer overflow leading to a denial of service. | 6.5 |
| 2017-04-24 | CVE-2017-2312 | Missing Release of Resource after Effective Lifetime vulnerability in Juniper Junos On Juniper Networks devices running Junos OS affected versions and with LDP enabled, a specific LDP packet destined to the RE (Routing Engine) will consume a small amount of the memory allocated for the rpd (routing protocol daemon) process. | 6.5 |