VYPR

Junos

by Juniper Networks

CVEs (766)

  • CVE-2021-0204Jan 15, 2021
    risk 0.00cvss epss 0.00

    A sensitive information disclosure vulnerability in delta-export configuration utility (dexp) of Juniper Networks Junos OS may allow a locally authenticated shell user the ability to create and read database files generated by the dexp utility, including password hashes of local…

  • CVE-2021-0203Jan 15, 2021
    risk 0.00cvss epss 0.01

    On Juniper Networks EX and QFX5K Series platforms configured with Redundant Trunk Group (RTG), Storm Control profile applied on the RTG interface might not take affect when it reaches the threshold condition. Storm Control enables the device to monitor traffic levels and to drop…

  • CVE-2021-0202Jan 15, 2021
    risk 0.00cvss epss 0.01

    On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge (CE)…

  • CVE-2020-1689Oct 16, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in a Virtual Chassis configuration, receipt of a stream of specific layer 2 frames can cause high CPU load, which could lead to traffic interruption. This issue does not occur when the device is…

  • CVE-2020-1688Oct 16, 2020
    risk 0.00cvss epss 0.00

    On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the shell may obtain the Web API service private key that is used to provide encrypted communication between the Juniper device and the authenticator services. Exploitation of this…

  • CVE-2020-1687Oct 16, 2020
    risk 0.00cvss epss 0.00

    On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in (Ethernet VPN) EVPN-(Virtual Extensible LAN) VXLAN configuration, receipt of a stream of specific VXLAN encapsulated layer 2 frames can cause high CPU load, which could lead to network protocol…

  • CVE-2020-1686Oct 16, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks Junos OS devices, receipt of a malformed IPv6 packet may cause the system to crash and restart (vmcore). This issue can be trigged by a malformed IPv6 packet destined to the Routing Engine. An attacker can repeatedly send the offending packet resulting in an…

  • CVE-2020-1685Oct 16, 2020
    risk 0.00cvss epss 0.01

    When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series devices using Virtual Extensible LAN protocol (VXLAN), the discard action will fail to discard traffic under certain conditions. Given a firewall filter configuration similar to: family…

  • CVE-2020-1684Oct 16, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks SRX Series configured with application identification inspection enabled, receipt of specific HTTP traffic can cause high CPU load utilization, which could lead to traffic interruption. Application identification is enabled by default and is automatically…

  • CVE-2020-1683Oct 16, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks Junos OS devices, a specific SNMP OID poll causes a memory leak which over time leads to a kernel crash (vmcore). Prior to the kernel crash other processes might be impacted, such as failure to establish SSH connection to the device. The administrator can…

  • CVE-2020-1682Oct 16, 2020
    risk 0.00cvss epss 0.00

    An input validation vulnerability exists in Juniper Networks Junos OS, allowing an attacker to crash the srxpfe process, causing a Denial of Service (DoS) through the use of specific maintenance commands. The srxpfe process restarts automatically, but continuous execution of the…

  • CVE-2020-1680Oct 16, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC component on MS-MIC or MS-MPC. This issue occurs when a multiservice card is translating the malformed IPv6 packet to IPv4…

  • CVE-2020-1679Oct 16, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks PTX and QFX Series devices with packet sampling configured using tunnel-observation mpls-over-udp, sampling of a malformed packet can cause the Kernel Routing Table (KRT) queue to become stuck. KRT is the module within the Routing Process Daemon (RPD) that…

  • CVE-2020-1678Oct 16, 2020
    risk 0.00cvss epss 0.00

    On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak. If the memory is exhausted the rpd process might crash. If the issue occurs, the memory leak could be seen by executing the "show task…

  • CVE-2020-1673Oct 16, 2020
    risk 0.00cvss epss 0.02

    Insufficient Cross-Site Scripting (XSS) protection in Juniper Networks J-Web and web based (HTTP/HTTPS) services allows an unauthenticated attacker to hijack the target user's HTTP/HTTPS session and perform administrative actions on the Junos device as the targeted user. This…

  • CVE-2020-1672Oct 16, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks Junos OS devices configured with DHCPv6 relay enabled, receipt of a specific DHCPv6 packet might crash the jdhcpd daemon. The jdhcpd daemon automatically restarts without intervention, but continuous receipt of specific crafted DHCP messages will repeatedly…

  • CVE-2020-1671Oct 16, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a malformed DHCPv6 packet is received, resulting with the restart of the…

  • CVE-2020-1670Oct 16, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine (RE) high CPU load, which could lead to network protocol operation issue and traffic interruption. This specific packets can originate only from within the broadcast domain…

  • CVE-2020-1669Oct 16, 2020
    risk 0.00cvss epss 0.00

    The Juniper Device Manager (JDM) container, used by the disaggregated Junos OS architecture on Juniper Networks NFX350 Series devices, stores password hashes in the world-readable file /etc/passwd. This is not a security best current practice as it can allow an attacker with…

  • CVE-2020-1668Oct 16, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks EX2300 Series, receipt of a stream of specific multicast packets by the layer2 interface can cause high CPU load, which could lead to traffic interruption. This issue occurs when multicast packets are received by the layer 2 interface. To check if the device…

Page 29 of 39