Juniper Junos vulnerabilities

749 known vulnerabilities affecting juniper/junos.

Total CVEs: 749
CISA KEV: 7 (actively exploited)
Public exploits: 13
Exploited in wild: 7
Severity breakdown: CRITICAL 42, HIGH 390, MEDIUM 315, LOW 2

Vulnerabilities

CVE-2021-0210 | MEDIUM | CVSS 6.8 | v12.3, v17.3, +11 more | 2021-01-15
CVE-2021-0210 [MEDIUM] CWE-200: An Information Exposure vulnerability in J-Web of Juniper Networks Junos OS allows an unauthenticated attacker to elevate their privileges over the target system through opportunistic use of an authenticated user's session. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S17; 17.3 versions prior to 17.3R3-S10; 17.4 versions
nvd
CVE-2021-0215 | MEDIUM | CVSS 6.5 | v14.1x53, v15.1x49, +13 more | 2021-01-15
CVE-2021-0215 [MEDIUM] CWE-400: On Juniper Networks Junos EX series, QFX Series, MX Series and SRX branch series devices, a memory leak occurs every time the 802.1X authenticator port interface flaps which can lead to other processes, such as the pfex process, responsible for packet forwarding, to crash and restart. An administrator can use the following CLI command to monitor the s
nvd
CVE-2020-1660 | CRITICAL | CVSS 9.9 | v17.3, v18.3, +4 more | 2020-10-16
CVE-2020-1660 [CRITICAL] CWE-362: When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may crash, causing the Services PIC to restart. While the Services PIC is r
nvd
CVE-2020-1667 | HIGH | CVSS 8.3 | v17.3, v18.3, +4 more | 2020-10-16
CVE-2020-1667 [HIGH] CWE-362: When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process might be bypassed due to a race condition. Due to this vulnerability, mspmand process, responsible for managing "URL Filtering ser
nvd
CVE-2020-1664 | HIGH | CVSS 7.8 | v17.3, v17.4, +11 more | 2020-10-16
CVE-2020-1664 [HIGH] CWE-121: A stack buffer overflow vulnerability in the device control daemon (DCD) on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service (DoS) against the daemon or execute arbitrary code in the system with root privilege. This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to
nvd
CVE-2020-1662 | HIGH | CVSS 7.5 | v17.2, v17.3, +11 more | 2020-10-16
CVE-2020-1662 [HIGH] CWE-20: On Juniper Networks Junos OS and Junos OS Evolved devices, BGP session flapping can lead to a routing process daemon (RPD) crash and restart, limiting the attack surface to configured BGP peers. This issue only affects devices with BGP damping in combination with accepted-prefix-limit configuration. When the issue occurs the following messages will appea
nvd
CVE-2020-1656 | HIGH | CVSS 8.8 | v12.3, v12.3x48, +19 more | 2020-10-16
CVE-2020-1656 [HIGH] CWE-20: The DHCPv6 Relay-Agent service, part of the Juniper Enhanced jdhcpd daemon shipped with Juniper Networks Junos OS has an Improper Input Validation vulnerability which will result in a Denial of Service (DoS) condition when a DHCPv6 client sends a specific DHCPv6 message allowing an attacker to potentially perform a Remote Code Execution (RCE) attack on t
nvd
CVE-2020-1672 | HIGH | CVSS 7.5 | v17.3, v17.4, +9 more | 2020-10-16
CVE-2020-1672 [HIGH] CWE-20: On Juniper Networks Junos OS devices configured with DHCPv6 relay enabled, receipt of a specific DHCPv6 packet might crash the jdhcpd daemon. The jdhcpd daemon automatically restarts without intervention, but continuous receipt of specific crafted DHCP messages will repeatedly crash jdhcpd, leading to an extended Denial of Service (DoS) condition. Only D
nvd
CVE-2020-1683 | HIGH | CVSS 7.5 | v17.4, v18.1, +8 more | 2020-10-16
CVE-2020-1683 [HIGH] CWE-401: On Juniper Networks Junos OS devices, a specific SNMP OID poll causes a memory leak which over time leads to a kernel crash (vmcore). Prior to the kernel crash other processes might be impacted, such as failure to establish SSH connection to the device. The administrator can monitor the output of the following command to check if there is memory leak cau
nvd
CVE-2020-1679 | HIGH | CVSS 7.5 | v17.2x75, v18.1, +9 more | 2020-10-16
CVE-2020-1679 [HIGH] CWE-20: On Juniper Networks PTX and QFX Series devices with packet sampling configured using tunnel-observation mpls-over-udp, sampling of a malformed packet can cause the Kernel Routing Table (KRT) queue to become stuck. KRT is the module within the Routing Process Daemon (RPD) that synchronized the routing tables with the forwarding tables in the kernel. This
nvd
CVE-2020-1673 | HIGH | CVSS 8.8 | v18.1, v18.2, +7 more | 2020-10-16
CVE-2020-1673 [HIGH] CWE-79: Insufficient Cross-Site Scripting (XSS) protection in Juniper Networks J-Web and web based (HTTP/HTTPS) services allows an unauthenticated attacker to hijack the target user's HTTP/HTTPS session and perform administrative actions on the Junos device as the targeted user. This issue only affects Juniper Networks Junos OS devices with HTTP/HTTPS services e
nvd
CVE-2020-1686 | HIGH | CVSS 7.5 | v18.4, v19.1, +3 more | 2020-10-16
CVE-2020-1686 [HIGH] CWE-415: On Juniper Networks Junos OS devices, receipt of a malformed IPv6 packet may cause the system to crash and restart (vmcore). This issue can be triggered by a malformed IPv6 packet destined to the Routing Engine. An attacker can repeatedly send the offending packet resulting in an extended Denial of Service condition. Only IPv6 packets can trigger this iss
nvd
CVE-2020-1684 | HIGH | CVSS 7.5 | v12.3x48, v15.1x49, +9 more | 2020-10-16
CVE-2020-1684 [HIGH] CWE-400: On Juniper Networks SRX Series configured with application identification inspection enabled, receipt of specific HTTP traffic can cause high CPU load utilization, which could lead to traffic interruption. Application identification is enabled by default and is automatically turned on when Intrusion Detection and Prevention (IDP), AppFW, AppQoS, or AppT
nvd
CVE-2020-1657 | HIGH | CVSS 7.5 | v12.3x48, v15.1x49, +6 more | 2020-10-16
CVE-2020-1657 [HIGH] CWE-408: On SRX Series devices, a vulnerability in the key-management-daemon (kmd) daemon of Juniper Networks Junos OS allows an attacker to spoof packets targeted to IPSec peers before a security association (SA) is established thereby causing a failure to set up the IPSec channel. Sustained receipt of these spoofed packets can cause a sustained Denial of Servi
nvd
CVE-2020-1671 | HIGH | CVSS 7.5 | v17.4, v18.1, +9 more | 2020-10-16
CVE-2020-1671 [HIGH] CWE-119: On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a malformed DHCPv6 packet is received, resulting with the restart of the daemon. This issue only affects DHCPv6, it does not affect DHCPv4. This issue
nvd
CVE-2020-1661 | MEDIUM | CVSS 5.3 | v12.3, v15.1, +5 more | 2020-10-16
CVE-2020-1661 [MEDIUM]: On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon (jdhcp) process might crash when receiving a malformed DHCP packet. This issue only affects devices configured as DHCP forwarder with forward-only option, that forward specified DHCP client packets, without creating a new subscr
nvd
CVE-2020-1680 | MEDIUM | CVSS 5.3 | v15.1, v15.1x53, +12 more | 2020-10-16
CVE-2020-1680 [MEDIUM] CWE-131: On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC component on MS-MIC or MS-MPC. This issue occurs when a multiservice card is translating the malformed IPv6 packet to IPv4 packet. An unauthenticated attacker can continuously send crafted IPv6 packets t
nvd
CVE-2020-1689 | MEDIUM | CVSS 6.5 | v17.3, v17.4, +9 more | 2020-10-16
CVE-2020-1689 [MEDIUM] CWE-400: On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in a Virtual Chassis configuration, receipt of a stream of specific layer 2 frames can cause high CPU load, which could lead to traffic interruption. This issue does not occur when the device is deployed in Stand Alone configuration. The offending layer 2 frame packets can o
nvd
CVE-2020-1682 | MEDIUM | CVSS 5.5 | v15.1x49, v17.4, +6 more | 2020-10-16
CVE-2020-1682 [MEDIUM] CWE-20: An input validation vulnerability exists in Juniper Networks Junos OS, allowing an attacker to crash the srxpfe process, causing a Denial of Service (DoS) through the use of specific maintenance commands. The srxpfe process restarts automatically, but continuous execution of the commands could lead to an extended Denial of Service condition. This issue
nvd
CVE-2020-1688 | MEDIUM | CVSS 6.5 | v12.3x48, v15.1x49, +10 more | 2020-10-16
CVE-2020-1688 [MEDIUM] CWE-320: On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the shell may obtain the Web API service private key that is used to provide encrypted communication between the Juniper device and the authenticator services. Exploitation of this vulnerability may allow an attacker to decrypt the communications between the Junip
nvd