Juniper Junos vulnerabilities
749 known vulnerabilities affecting juniper/junos.
Total CVEs: 749
CISA KEV: 7 (actively exploited)
Public exploits: 13
Exploited in wild: 7
Severity breakdown: CRITICAL 42, HIGH 390, MEDIUM 315, LOW 2
Vulnerabilities
CVE-2020-10188 [CRITICAL] CVSS 9.8 | CWE-120 | v12.3, v12.3r12, +26 more | 2020-03-06
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.
nvd
CVE-2015-3006 [MEDIUM] CVSS 6.5 | CWE-331 | v12.2x50, v13.1x50, +3 more | 2020-02-28
On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates. Entropy increases after the system has been up and running for some time, but immediately after boot, the entropy is v
nvd
CVE-2015-5361 [MEDIUM] CVSS 6.5 | PoC | CWE-326 | v12.1x44, v12.1x46, +4 more | 2020-02-28
Background: For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provi
nvd
CVE-2014-6447 [HIGH] CVSS 7.1 | CWE-79 | v12.1x44, v12.1x46, +10 more | 2020-02-11
Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS). This affects Juniper Junos OS 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R8, 12.3X48 before 12.3X48-D10, 13.1 before 13.1R5, 13.2 before 13.2R6,
nvd
CVE-2020-1603 [HIGH] CVSS 8.6 | CWE-710 | v16.1, v16.1x70, +12 more | 2020-01-15
Specific IPv6 packets sent by clients processed by the Routing Engine (RE) are improperly handled. These IPv6 packets are designed to be blocked by the RE from egressing the RE. Instead, the RE allows these specific IPv6 packets to egress the RE, at which point a mbuf memory leak occurs within the Juniper Networks Junos OS device. This memory leak event
nvd
CVE-2020-1608 [HIGH] CVSS 7.5 | v17.2, v17.3, +8 more | 2020-01-15
Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge (BBE) service may trigger a kernel crash (vmcore), causing the device to reboot. The issue is specific to the processing of packets destined to BBE clients connected to MX Series subscriber management platforms. This issue affects MX Serie
nvd
CVE-2020-1606 [HIGH] CVSS 8.1 | CWE-22 | v12.3, v14.1x53, +14 more | 2020-01-15
A path traversal vulnerability in the Juniper Networks Junos OS device may allow an authenticated J-web user to read files with 'world' readable permission and delete files with 'world' writeable permission. This issue does not affect system files that can be accessed only by root user. This issue affects Juniper Networks Junos OS: 12.3 versions prior to
nvd
CVE-2020-1602 [HIGH] CVSS 8.8 | CWE-416 | v15.1, v15.1x49, +14 more | 2020-01-15
When a device using Juniper Networks' Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved is configured in relay mode, it is vulnerable to an attacker sending crafted IPv4 packets, who may remotely take over the code execution of the JDHCPD process. This issue affects IPv4 JDHCPD services. This issue affects: Juni
nvd
CVE-2020-1605 [HIGH] CVSS 8.8 | CWE-78 | v15.1, v15.1x49, +14 more | 2020-01-15
When a device using Juniper Networks' Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved is configured in relay mode, it is vulnerable to an attacker sending crafted IPv4 packets, who may then arbitrarily execute commands as root on the target device. This issue affects IPv4 JDHCPD services. This issue affects: J
nvd
CVE-2020-1609 [HIGH] CVSS 8.8 | CWE-78 | v15.1, v15.1x49, +14 more | 2020-01-15
When a device using Juniper Networks' Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved is configured in relay mode, it is vulnerable to an attacker sending crafted IPv6 packets, who may then arbitrarily execute commands as root on the target device. This issue affects IPv6 JDHCPD services. This issue affects: J
nvd
CVE-2020-1601 [HIGH] CVSS 7.5 | v15.1, v15.1x53, +12 more | 2020-01-15
Certain types of malformed Path Computation Element Protocol (PCEP) packets, when received and processed by a Juniper Networks Junos OS device serving as a Path Computation Client (PCC) in a PCEP environment using Juniper's path computational element protocol daemon (pccd) process, allow an attacker to cause the pccd process to crash and generate a core file the
nvd
CVE-2014-6448 [HIGH] CVSS 7.8 | CWE-269 | v13.2, v13.2x51, +2 more | 2020-01-15
Juniper Junos OS 13.2 before 13.2R5, 13.2X51, 13.2X52, and 13.3 before 13.3R3 allow local users to bypass intended restrictions and execute arbitrary Python code via vectors involving shell access.
nvd
CVE-2020-1604 [MEDIUM] CVSS 5.3 | CWE-284 | v14.1x53, v15.1, +7 more | 2020-01-15
On EX4300, EX4600, QFX3500, and QFX5100 Series, a vulnerability in the IP firewall filter component may cause the firewall filter evaluation of certain packets to fail. This issue only affects firewall filter evaluation of certain packets destined to the device Routing Engine (RE). This issue does not affect the Layer 2 firewall filter evaluation nor d
nvd
CVE-2020-1607 [MEDIUM] CVSS 6.1 | CWE-79 | v12.3, v15.1, +15 more | 2020-01-15
Insufficient Cross-Site Scripting (XSS) protection in J-Web may potentially allow a remote attacker to inject web script or HTML, hijack the target user's J-Web session and perform administrative actions on the Junos device as the targeted user. This issue affects Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12
nvd
CVE-2020-1600 [MEDIUM] CVSS 6.5 | CWE-400 | v12.3x48, v15.1, +14 more | 2020-01-15
In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon (RPD) in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service (DoS) condition. This issue affects both SNMP over IPv4 and IPv6.
nvd
CVE-2019-0073 [HIGH] CVSS 7.1 | CWE-732 | v15.1x49, v17.3, +5 more | 2019-10-09
The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. This may allow another user on the Junos OS device with shell access to read them. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior t
nvd
CVE-2019-0064 [HIGH] CVSS 7.5 | v18.2, v18.4, +1 more | 2019-10-09
On SRX5000 Series devices, if 'set security zones security-zone <zone> tcp-rst' is configured, the flowd process may crash when a specific TCP packet is received by the device and triggers a new session. The process restarts automatically. However, receipt of a constant stream of these TCP packets may result in an extended Denial of Service (DoS) condition on the devi
nvd
CVE-2019-0057 [HIGH] CVSS 7.8 | ≤ 18.1, v18.2, +1 more | 2019-10-09
An improper authorization weakness in Juniper Networks Junos OS allows a local authenticated attacker to bypass regular security controls to access the Junos Device Manager (JDM) application and take control of the system. This issue affects: Juniper Networks Junos OS versions prior to 18.2R1, 18.2X75-D5.
nvd
CVE-2019-0050 [HIGH] CVSS 7.5 | v15.1x49, v17.3, +5 more | 2019-10-09
Under certain heavy traffic conditions, the srxpfe process can crash and result in a denial of service condition for the SRX1500 device. Repeated crashes of the srxpfe process can result in an extended denial of service condition. The SRX device may fail to forward traffic when this condition occurs. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to
nvd
CVE-2019-0068 [HIGH] CVSS 7.5 | CWE-754 | v12.3x48, v15.1x49, +7 more | 2019-10-09
The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repeatedly crash the flowd process causing a sustained Denial of Service. This issue affects Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to
nvd