Vulnerabilities in Juniper Networks
893 resultsCVE-2018-0043HIGHJunos OS: RPD daemon crashes upon receipt of specific MPLS packetEPSS 1.2%CVE-2021-0229MEDIUMJunos OS: Receipt of specific packets could lead to Denial of Service in MQTT ServerEPSS 1.2%CVE-2021-0220MEDIUMJunos Space: Shared secrets stored in recoverable format and directly exposed through the UIEPSS 1.2%CVE-2018-0045HIGHJunos OS: RPD daemon crashes due to receipt of specific Draft-Rosen MVPN control packet in Draft-Rosen MVPN configurationEPSS 1.1%CVE-2017-2326—An information disclosure vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allowEPSS 1.1%CVE-2019-0019HIGHBGP packets can trigger rpd crash when BGP tracing is enabled.EPSS 1.1%CVE-2022-22159HIGHJunos OS: An attacker sending crafted packets can cause a traffic and CPU Denial of Service (DoS).EPSS 1.1%CVE-2018-0057MEDIUMJunos OS: authd allows assignment of IP address requested by DHCP subscriber logging in with Option 50 (Requested IP Address)EPSS 1.1%CVE-2017-2305—On Juniper Networks Junos Space versions prior to 16.1R1, due to an insufficient authorization check, readonly users on the Junos Space admiEPSS 1.1%CVE-2022-22241HIGHJunos OS: Vulnerability in J-Web may allow deserialization without authenticationEPSS 1.1%CVE-2019-0022CRITICALJuniper ATP: Two hard coded credentials sharing the same password give an attacker the ability to take control of any installation of the software.EPSS 1.1%CVE-2018-0041CRITICALContrail Service Orchestration: Hardcoded credentials for Keystone service.EPSS 1.1%CVE-2021-31353HIGHJunos OS and Junos OS Evolved: RPD core upon receipt of specific BGP updateEPSS 1.1%CVE-2017-2310—A firewall bypass vulnerability in the host based firewall of Juniper Networks Junos Space versions prior to 16.1R1 may permit certain craftEPSS 1.1%CVE-2021-31384HIGHJunos OS: SRX Series: Under a specific device configuration an attacker can access the devices J-Web management services from any interface, regardless of security settings protecting the serviceEPSS 1.1%CVE-2021-31381MEDIUMSRC Series: A remote attacker sending a specially crafted query may cause the web server to delete filesEPSS 1.1%CVE-2021-0261HIGHJunos OS: Denial of Service vulnerability in J-Web and web based (HTTP/HTTPS) services caused by a high number of specific requestsEPSS 1.1%CVE-2017-2346MEDIUMMS-MPC or MS-MIC crash when passing large fragmented traffic through an ALGEPSS 1.1%CVE-2021-0210MEDIUMJunos OS: Privilege escalation in J-Web due to arbitrary command and code execution via information disclosure from another users active sessionEPSS 1.1%CVE-2021-31380MEDIUMSRC Series: A remote attacker sending a specially crafted query may cause the web server to disclose sensitive informationEPSS 1.1%