Vulnerabilities > Juniper > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-04-17 CVE-2023-28978 Insecure Default Initialization of Resource vulnerability in Juniper Junos OS Evolved
An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to read certain confidential information.
network
low complexity
juniper CWE-1188
5.3
2023-04-17 CVE-2023-28979 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos
An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to bypass an integrity check.
low complexity
juniper CWE-754
4.7
2023-04-17 CVE-2023-28980 Use After Free vulnerability in Juniper Junos and Junos OS Evolved
A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service (DoS).
local
low complexity
juniper CWE-416
5.5
2023-04-17 CVE-2023-28981 Improper Input Validation vulnerability in Juniper Junos
An Improper Input Validation vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).
low complexity
juniper CWE-20
6.5
2023-04-17 CVE-2023-28984 Use After Free vulnerability in Juniper Junos
A Use After Free vulnerability in the Layer 2 Address Learning Manager (l2alm) of Juniper Networks Junos OS on QFX Series allows an adjacent attacker to cause the Packet Forwarding Engine to crash and restart, leading to a Denial of Service (DoS).
high complexity
juniper CWE-416
5.3
2023-04-17 CVE-2023-1697 Unspecified vulnerability in Juniper Junos
An Improper Handling of Missing Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a dcpfe process core and thereby a Denial of Service (DoS).
low complexity
juniper
6.5
2023-04-17 CVE-2023-28959 Improper Check or Handling of Exceptional Conditions vulnerability in Juniper Junos
An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on QFX10002 allows an unauthenticated, adjacent attacker on the local broadcast domain sending a malformed packet to the device, causing all PFEs other than the inbound PFE to wedge and to eventually restart, resulting in a Denial of Service (DoS) condition.
low complexity
juniper CWE-703
6.5
2023-04-17 CVE-2023-28961 Unspecified vulnerability in Juniper Junos
An Improper Handling of Unexpected Data Type vulnerability in IPv6 firewall filter processing of Juniper Networks Junos OS on the ACX Series devices will prevent a firewall filter with the term 'from next-header ah' from being properly installed in the packet forwarding engine (PFE).
network
low complexity
juniper
5.3
2023-04-17 CVE-2023-28963 Improper Authentication vulnerability in Juniper Junos
An Improper Authentication vulnerability in cert-mgmt.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to read arbitrary files from temporary folders on the device.
network
low complexity
juniper CWE-287
5.3
2023-04-17 CVE-2023-28968 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Appid Service Sigpack, Jdpi-Decoder Engine and Junos
An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep Packet Inspection-Decoder (JDPI-Decoder) Application Signature component of Junos OS's AppID service on SRX Series devices will stop the JDPI-Decoder from identifying dynamic application traffic, allowing an unauthenticated network-based attacker to send traffic to the target device using the JDPI-Decoder, designed to inspect dynamic application traffic and take action upon this traffic, to instead begin to not take action and to pass the traffic through.
network
low complexity
juniper CWE-770
5.3