VYPR

Junos

by Juniper Networks

CVEs (766)

  • CVE-2019-0043Apr 10, 2019
    risk 0.00cvss epss 0.01

    In MPLS environments, receipt of a specific SNMP packet may cause the routing protocol daemon (RPD) process to crash and restart. By continuously sending a specially crafted SNMP packet, an attacker can repetitively crash the RPD process causing prolonged denial of service. No…

  • CVE-2019-0041Apr 10, 2019
    risk 0.00cvss epss 0.01

    On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface (lo0). The device may fail to forward such traffic. This issue affects Juniper Networks Junos OS 18.2 versions prior to 18.2R1-S2, 18.2R2 on…

  • CVE-2019-0040Apr 10, 2019
    risk 0.00cvss epss 0.02

    On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI). External packets destined to port 111 should be dropped. Due to an information leak vulnerability, responses were being generated from the source address of the management interface…

  • CVE-2019-0039Apr 10, 2019
    risk 0.00cvss epss 0.01

    If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The high default connection limit of the REST API may allow an attacker to brute-force passwords using advanced scripting techniques. Additionally, administrators who do not enforce a…

  • CVE-2019-0038Apr 10, 2019
    risk 0.00cvss epss 0.01

    Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services gateway may create a denial of service (DoS) condition due to buffer space exhaustion. This issue only affects the SRX340 and SRX345 services gateways. No other products or platforms are…

  • CVE-2019-0037Apr 10, 2019
    risk 0.00cvss epss 0.01

    In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit messages received from a DHCPv6 client. By continuously sending the same crafted packet, an attacker can repeatedly crash the…

  • CVE-2019-0036Apr 10, 2019
    risk 0.00cvss epss 0.01

    When configuring a stateless firewall filter in Junos OS, terms named using the format "internal-n" (e.g. "internal-1", "internal-2", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will…

  • CVE-2019-0035Apr 10, 2019
    risk 0.00cvss epss 0.00

    When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as expected. However, the root password can be changed using "set system root-authentication plain-text-password" on systems booted from an OAM (Operations, Administration, and…

  • CVE-2019-0033Apr 10, 2019
    risk 0.00cvss epss 0.02

    A firewall bypass vulnerability in the proxy ARP service of Juniper Networks Junos OS allows an attacker to cause a high CPU condition leading to a Denial of Service (DoS). This issue affects only IPv4. Affected releases are Juniper Networks Junos OS: 12.1X46 versions above and…

  • CVE-2019-0031Apr 10, 2019
    risk 0.00cvss epss 0.02

    Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption issue to occur on a Junos OS device using the jdhcpd daemon configured to respond to IPv6 requests. Once started, memory consumption will eventually impact any IPv4 or IPv6 request…

  • CVE-2019-0028Apr 10, 2019
    risk 0.00cvss epss 0.01

    On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and…

  • CVE-2019-0019Apr 10, 2019
    risk 0.00cvss epss 0.01

    When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition. Affected releases are Juniper Networks Junos OS:…

  • CVE-2019-0008Apr 10, 2019
    risk 0.00cvss epss 0.05

    A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices. This issue can result in a crash of the fxpc daemon or may potentially lead to…

  • CVE-2019-0015Jan 15, 2019
    risk 0.00cvss epss 0.01

    A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. A deleted dynamic VPN connection should be immediately disallowed from establishing new VPN connections. Due to an error in token…

  • CVE-2019-0011Jan 15, 2019
    risk 0.00cvss epss 0.01

    The Junos OS kernel crashes after processing a specific incoming packet to the out of band management interface (such as fxp0, me0, em0, vme0) destined for another address. By continuously sending this type of packet, an attacker can repeatedly crash the kernel causing a…

  • CVE-2019-0012Jan 15, 2019
    risk 0.00cvss epss 0.02

    A Denial of Service (DoS) vulnerability in BGP in Juniper Networks Junos OS configured as a VPLS PE allows an attacker to craft a specific BGP message to cause the routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can…

  • CVE-2019-0007Jan 15, 2019
    risk 0.00cvss epss 0.02

    The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was…

  • CVE-2019-0010Jan 15, 2019
    risk 0.00cvss epss 0.03

    An SRX Series Service Gateway configured for Unified Threat Management (UTM) may experience a system crash with the error message "mbuf exceed" -- an indication of memory buffer exhaustion -- due to the receipt of crafted HTTP traffic. Each crafted HTTP packet inspected by UTM…

  • CVE-2019-0001Jan 15, 2019
    risk 0.00cvss epss 0.03

    Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon (bbe-smgd), and lead to high CPU usage and a crash of the bbe-smgd service. Repeated receipt of the…

  • CVE-2019-0013Jan 15, 2019
    risk 0.00cvss epss 0.02

    The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received. While RPD restarts after a crash, repeated crashes can result in an extended Denial of Service (DoS) condition. This issue only affects IPv4 PIM. IPv6 PIM…

Page 34 of 39