Vulnerabilities > Juniper > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-17 | CVE-2023-28963 | Improper Authentication vulnerability in Juniper Junos An Improper Authentication vulnerability in cert-mgmt.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to read arbitrary files from temporary folders on the device. | 5.3 |
| 2023-04-17 | CVE-2023-28968 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Appid Service Sigpack, Jdpi-Decoder Engine and Junos An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep Packet Inspection-Decoder (JDPI-Decoder) Application Signature component of Junos OS's AppID service on SRX Series devices will stop the JDPI-Decoder from identifying dynamic application traffic, allowing an unauthenticated network-based attacker to send traffic to the target device using the JDPI-Decoder, designed to inspect dynamic application traffic and take action upon this traffic, to instead begin to not take action and to pass the traffic through. | 5.3 |
| 2023-04-17 | CVE-2023-28970 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing on the network interfaces of Juniper Networks Junos OS on JRR200 route reflector appliances allows an adjacent, network-based attacker sending a specific packet to the device to cause a kernel crash, resulting in a Denial of Service (DoS). | 6.5 |
| 2023-04-17 | CVE-2023-28972 | Link Following vulnerability in Juniper Junos An Improper Link Resolution Before File Access vulnerability in console port access of Juniper Networks Junos OS on NFX Series allows an attacker to bypass console access controls. | 6.8 |
| 2023-04-17 | CVE-2023-28974 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos An Improper Check for Unusual or Exceptional Conditions vulnerability in the bbe-smgd of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). | 6.5 |
| 2023-04-17 | CVE-2023-28975 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos An Unexpected Status Code or Return Value vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated attacker with physical access to the device to cause a Denial of Service (DoS). | 4.6 |
| 2023-01-13 | CVE-2023-22395 | Memory Leak vulnerability in Juniper Junos A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). | 6.5 |
| 2023-01-13 | CVE-2023-22397 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos OS Evolved An Allocation of Resources Without Limits or Throttling weakness in the memory management of the Packet Forwarding Engine (PFE) on Juniper Networks Junos OS Evolved PTX10003 Series devices allows an adjacently located attacker who has established certain preconditions and knowledge of the environment to send certain specific genuine packets to begin a Time-of-check Time-of-use (TOCTOU) Race Condition attack which will cause a memory leak to begin. | 6.1 |
| 2023-01-13 | CVE-2023-22398 | Access of Uninitialized Pointer vulnerability in Juniper Junos 15.1/19.1/19.2 An Access of Uninitialized Pointer vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). | 5.5 |
| 2023-01-13 | CVE-2023-22402 | Use After Free vulnerability in Juniper Junos OS Evolved A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). | 5.9 |