Vulnerabilities > Juniper > Session AND Resource Control

DATE CVE VULNERABILITY TITLE RISK
2021-10-19 CVE-2021-31352 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Juniper Session and Resource Control
An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which could allow a remote attacker to obtain sensitive information.
network
low complexity
juniper CWE-327
5.3
2021-10-19 CVE-2021-31380 Unspecified vulnerability in Juniper Session and Resource Control
A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to disclose sensitive information in the HTTP response which allows the attacker to obtain sensitive information.
network
low complexity
juniper
5.0
2021-10-19 CVE-2021-31381 Unspecified vulnerability in Juniper Session and Resource Control
A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to delete files which may allow the attacker to disrupt the integrity and availability of the system.
network
low complexity
juniper
6.4
2008-06-10 CVE-2008-0960 Improper Authentication vulnerability in Juniper Session and Resource Control and SRC PE
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.
network
low complexity
cisco ecos-sourceware net-snmp sun ingate juniper CWE-287
critical
10.0