VYPR

Vendor CVEs

Juniper Networks

All CVEs

1,081 total · sorted by risk
  • CVE-2020-1668Oct 16, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks EX2300 Series, receipt of a stream of specific multicast packets by the layer2 interface can cause high CPU load, which could lead to traffic interruption. This issue occurs when multicast packets are received by the layer 2 interface. To check if the device…

  • CVE-2020-1667Oct 16, 2020
    risk 0.00cvss epss 0.01

    When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process might be bypassed due to a race condition. Due to this…

  • CVE-2020-1666Oct 16, 2020
    risk 0.00cvss epss 0.00

    The system console configuration option 'log-out-on-disconnect' In Juniper Networks Junos OS Evolved fails to log out an active CLI session when the console cable is disconnected. This could allow a malicious attacker with physical access to the console the ability to resume a…

  • CVE-2020-1665Oct 16, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial of Service (DDoS) protection might not take affect when it reaches the threshold condition. The DDoS protection allows the device to continue to function while it is under DDoS…

  • CVE-2020-1664Oct 16, 2020
    risk 0.00cvss epss 0.00

    A stack buffer overflow vulnerability in the device control daemon (DCD) on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service (DoS) against the daemon or execute arbitrary code in the system with root privilege. This issue affects Juniper…

  • CVE-2020-1662Oct 16, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks Junos OS and Junos OS Evolved devices, BGP session flapping can lead to a routing process daemon (RPD) crash and restart, limiting the attack surface to configured BGP peers. This issue only affects devices with BGP damping in combination with…

  • CVE-2020-1661Oct 16, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon (jdhcp) process might crash when receiving a malformed DHCP packet. This issue only affects devices configured as DHCP forwarder with forward-only…

  • CVE-2020-1660Oct 16, 2020
    risk 0.00cvss epss 0.01

    When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may…

  • CVE-2020-1657Oct 16, 2020
    risk 0.00cvss epss 0.01

    On SRX Series devices, a vulnerability in the key-management-daemon (kmd) daemon of Juniper Networks Junos OS allows an attacker to spoof packets targeted to IPSec peers before a security association (SA) is established thereby causing a failure to set up the IPSec channel.…

  • CVE-2020-1656Oct 16, 2020
    risk 0.00cvss epss 0.01

    The DHCPv6 Relay-Agent service, part of the Juniper Enhanced jdhcpd daemon shipped with Juniper Networks Junos OS has an Improper Input Validation vulnerability which will result in a Denial of Service (DoS) condition when a DHCPv6 client sends a specific DHPCv6 message allowing…

  • CVE-2020-1655Jul 17, 2020
    risk 0.00cvss epss 0.01

    When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine (PFE) will become disabled upon receipt of large packets…

  • CVE-2020-1654Jul 17, 2020
    risk 0.00cvss epss 0.02

    On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, processing a malformed HTTP message can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) Continued processing of this malformed HTTP message may result in an…

  • CVE-2020-1653Jul 17, 2020
    risk 0.00cvss epss 0.02

    On Juniper Networks Junos OS devices, a stream of TCP packets sent to the Routing Engine (RE) may cause mbuf leak which can lead to Flexible PIC Concentrator (FPC) crash or the system to crash and restart (vmcore). This issue can be trigged by IPv4 or IPv6 and it is caused only…

  • CVE-2020-1652Jul 17, 2020
    risk 0.00cvss epss 0.01

    OpenNMS is accessible via port 9443

  • CVE-2020-1651Jul 17, 2020
    risk 0.00cvss epss 0.00

    On Juniper Networks MX series, receipt of a stream of specific Layer 2 frames may cause a memory leak resulting in the packet forwarding engine (PFE) on the line card to crash and restart, causing traffic interruption. By continuously sending this stream of specific layer 2…

  • CVE-2020-1650Jul 17, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks Junos MX Series with service card configured, receipt of a stream of specific packets may crash the MS-PIC component on MS-MIC or MS-MPC. By continuously sending these specific packets, an attacker can repeatedly bring down MS-PIC on MS-MIC/MS-MPC causing a…

  • CVE-2020-1649Jul 17, 2020
    risk 0.00cvss epss 0.01

    When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine (PFE) will become disabled upon receipt of small fragments…

  • CVE-2020-1648Jul 17, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific BGP packet can lead to a routing process daemon (RPD) crash and restart. This issue can occur even before the BGP session with the peer is established. Repeated receipt of this specific BGP packet…

  • CVE-2020-1647Jul 17, 2020
    risk 0.00cvss epss 0.03

    On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing of a specific HTTP message. Continued processing of this…

  • CVE-2020-1646Jul 17, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific UPDATE for an EBGP peer can lead to a routing process daemon (RPD) crash and restart. This issue occurs only when the device is receiving and processing the BGP UPDATE for an EBGP peer. This issue…

  • CVE-2020-1645Jul 17, 2020
    risk 0.00cvss epss 0.01

    When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may…

  • CVE-2020-1644Jul 17, 2020
    risk 0.00cvss epss 0.01

    On Juniper Networks Junos OS and Junos OS Evolved devices, the receipt of a specific BGP UPDATE packet causes an internal counter to be incremented incorrectly, which over time can lead to the routing protocols process (RPD) crash and restart. This issue affects both IBGP and…

  • CVE-2020-1643Jul 17, 2020
    risk 0.00cvss epss 0.00

    Execution of the "show ospf interface extensive" or "show ospf interface detail" CLI commands on a Juniper Networks device running Junos OS may cause the routing protocols process (RPD) to crash and restart if OSPF interface authentication is configured, leading to a Denial of…

  • CVE-2020-1641Jul 17, 2020
    risk 0.00cvss epss 0.00

    A Race Condition vulnerability in Juniper Networks Junos OS LLDP implementation allows an attacker to cause LLDP to crash leading to a Denial of Service (DoS). This issue occurs when crafted LLDP packets are received by the device from an adjacent device. Multiple LACP flaps…

  • CVE-2020-1640Jul 17, 2020
    risk 0.00cvss epss 0.01

    An improper use of a validation framework when processing incoming genuine BGP packets within Juniper Networks RPD (routing protocols process) daemon allows an attacker to crash RPD thereby causing a Denial of Service (DoS) condition. This framework requires these packets to be…

  • CVE-2020-1632Apr 15, 2020
    risk 0.00cvss epss 0.01

    In a certain condition, receipt of a specific BGP UPDATE message might cause Juniper Networks Junos OS and Junos OS Evolved devices to advertise an invalid BGP UPDATE message to other peers, causing the other peers to terminate the established BGP session, creating a Denial of…

  • CVE-2020-1633Apr 9, 2020
    risk 0.00cvss epss 0.01

    Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway (BNG) and reach the EVPN leaf node, causing a stale MAC address entry. This could cause legitimate traffic…

  • CVE-2020-1639Apr 8, 2020
    risk 0.00cvss epss 0.01

    When an attacker sends a specific crafted Ethernet Operation, Administration, and Maintenance (Ethernet OAM) packet to a target device, it may improperly handle the incoming malformed data and fail to sanitize this incoming data resulting in an overflow condition. This overflow…

  • CVE-2020-1638Apr 8, 2020
    risk 0.00cvss epss 0.01

    The FPC (Flexible PIC Concentrator) of Juniper Networks Junos OS and Junos OS Evolved may restart after processing a specific IPv4 packet. Only packets destined to the device itself, successfully reaching the RE through existing edge and control plane filtering, will be able to…

  • CVE-2020-1637Apr 8, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in Juniper Networks SRX Series device configured as a Junos OS Enforcer device may allow a user to access network resources that are not permitted by a UAC policy. This issue might occur when the IP address range configured in the Infranet Controller (IC) is…

  • CVE-2020-1634Apr 8, 2020
    risk 0.00cvss epss 0.01

    On High-End SRX Series devices, in specific configurations and when specific networking events or operator actions occur, an SPC receiving genuine multicast traffic may core. Subsequently, all FPCs in a chassis may reset causing a Denial of Service. This issue affects both IPv4…

  • CVE-2020-1630Apr 8, 2020
    risk 0.00cvss epss 0.00

    A privilege escalation vulnerability in Juniper Networks Junos OS devices configured with dual Routing Engines (RE), Virtual Chassis (VC) or high-availability cluster may allow a local authenticated low-privileged user with access to the shell to perform unauthorized…

  • CVE-2020-1629Apr 8, 2020
    risk 0.00cvss epss 0.01

    A race condition vulnerability on Juniper Network Junos OS devices may cause the routing protocol daemon (RPD) process to crash and restart while processing a BGP NOTIFICATION message. This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S6; 16.2 versions…

  • CVE-2020-1628Apr 8, 2020
    risk 0.00cvss epss 0.01

    Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an EX4300 switch, leaking configuration information such as heartbeats, kernel versions, etc. out to…

  • CVE-2020-1627Apr 8, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in Juniper Networks Junos OS on vMX and MX150 devices may allow an attacker to cause a Denial of Service (DoS) by sending specific packets requiring special processing in microcode that the flow cache can't handle, causing the riot forwarding daemon to crash. By…

  • CVE-2020-1626Apr 8, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in Juniper Networks Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS) by sending a high rate of specific packets to the device, resulting in a pfemand process crash. The pfemand process is responsible for packet forwarding on the device.…

  • CVE-2020-1625Apr 8, 2020
    risk 0.00cvss epss 0.01

    The kernel memory usage represented as "temp" via 'show system virtual-memory' may constantly increase when Integrated Routing and Bridging (IRB) is configured with multiple underlay physical interfaces, and one interface flaps. This memory leak can affect running daemons…

  • CVE-2020-1624Apr 8, 2020
    risk 0.00cvss epss 0.00

    A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via raw objmon configuration files. This issue affects all versions of Junos OS Evolved prior to 19.1R1.

  • CVE-2020-1623Apr 8, 2020
    risk 0.00cvss epss 0.00

    A local, authenticated user with shell can view sensitive configuration information via the ev.ops configuration file. This issue affects all versions of Junos OS Evolved prior to 19.2R1.

  • CVE-2020-1622Apr 8, 2020
    risk 0.00cvss epss 0.00

    A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via the EvoSharedObjStore. This issue affects all versions of Junos OS Evolved prior to 19.1R1.

  • CVE-2020-1621Apr 8, 2020
    risk 0.00cvss epss 0.00

    A local, authenticated user with shell can obtain the hashed values of login passwords via configd traces. This issue affects all versions of Junos OS Evolved prior to 19.3R1.

  • CVE-2020-1620Apr 8, 2020
    risk 0.00cvss epss 0.00

    A local, authenticated user with shell can obtain the hashed values of login passwords via configd streamer log. This issue affects all versions of Junos OS Evolved prior to 19.3R1.

  • CVE-2020-1619Apr 8, 2020
    risk 0.00cvss epss 0.00

    A privilege escalation vulnerability in Juniper Networks QFX10K Series, EX9200 Series, MX Series, and PTX Series with Next-Generation Routing Engine (NG-RE), allows a local authenticated high privileged user to access the underlying WRL host. This issue only affects QFX10K…

  • CVE-2020-1618Apr 8, 2020
    risk 0.00cvss epss 0.00

    On Juniper Networks EX and QFX Series, an authentication bypass vulnerability may allow a user connected to the console port to login as root without any password. This issue might only occur in certain scenarios: • At the first reboot after performing device factory reset…

  • CVE-2020-1617Apr 8, 2020
    risk 0.00cvss epss 0.02

    This issue occurs on Juniper Networks Junos OS devices which do not support Advanced Forwarding Interface (AFI) / Advanced Forwarding Toolkit (AFT). Devices using AFI and AFT are not exploitable to this issue. An improper initialization of memory in the packet forwarding…

  • CVE-2020-1616Apr 8, 2020
    risk 0.00cvss epss 0.01

    Due to insufficient server-side login attempt limit enforcement, a vulnerability in the SSH login service of Juniper Networks Juniper Advanced Threat Prevention (JATP) Series and Virtual JATP (vJATP) devices allows an unauthenticated, remote attacker to perform multiple login…

  • CVE-2020-1615Apr 8, 2020
    risk 0.00cvss epss 0.02

    The factory configuration for vMX installations, as shipped, includes default credentials for the root account. Without proper modification of these default credentials by the administrator, an attacker could exploit these credentials and access the vMX instance without…

  • CVE-2020-1614Apr 8, 2020
    risk 0.00cvss epss 0.01

    A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g. SSH) on the VNF,…

  • CVE-2020-1613Apr 8, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the BGP FlowSpec implementation may cause a Juniper Networks Junos OS device to terminate an established BGP session upon receiving a specific BGP FlowSpec advertisement. The BGP NOTIFICATION message that terminates an established BGP session is sent toward…

  • CVE-2015-3006Feb 28, 2020
    risk 0.00cvss epss 0.01

    On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates. Entropy increases after the system has been…

Page 17 of 22