Vulnerabilities > Juniper > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-24 | CVE-2017-2327 | Resource Exhaustion vulnerability in Juniper Northstar Controller A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to consume large amounts of system resources leading to a cascading denial of services. | 4.9 |
| 2017-04-24 | CVE-2017-2326 | Information Exposure vulnerability in Juniper Northstar Controller An information disclosure vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, network-based attacker to replicate the underlying Junos OS VM and all data it maintains to their local system for future analysis. | 6.8 |
| 2017-04-24 | CVE-2017-2325 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Northstar Controller A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to cause a buffer overflow leading to a denial of service. | 4.0 |
| 2017-04-24 | CVE-2017-2324 | Command Injection vulnerability in Juniper Northstar Controller A command injection vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to cause a denial of service condition. | 5.0 |
| 2017-04-24 | CVE-2017-2323 | Denial of Service vulnerability in Juniper NorthStar Controller Application A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious attacker crafting packets destined to the device to cause a persistent denial of service to the path computation server service. | 5.0 |
| 2017-04-24 | CVE-2017-2318 | Information Exposure vulnerability in Juniper Northstar Controller A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to read log files which will compromise the integrity of the system, or provide elevation of privileges. | 4.0 |
| 2017-04-24 | CVE-2017-2313 | Improper Input Validation vulnerability in Juniper Junos Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. | 5.0 |
| 2017-04-24 | CVE-2017-2312 | Missing Release of Resource after Effective Lifetime vulnerability in Juniper Junos On Juniper Networks devices running Junos OS affected versions and with LDP enabled, a specific LDP packet destined to the RE (Routing Engine) will consume a small amount of the memory allocated for the rpd (routing protocol daemon) process. | 6.8 |
| 2017-03-20 | CVE-2016-4931 | XXE vulnerability in Juniper Junos Space 15.1/15.2 XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service. | 4.0 |
| 2017-03-20 | CVE-2016-4930 | Cross-site Scripting vulnerability in Juniper Junos Space 15.1/15.2 Cross-site scripting (XSS) vulnerability in Junos Space before 15.2R2 allows remote attackers to steal sensitive information or perform certain administrative actions. | 4.3 |