Juniper Junos OS vulnerabilities
930 known vulnerabilities affecting juniper/junos_os.
Total CVEs: 930
CISA KEV: 7 (actively exploited)
Public exploits: 9
Exploited in wild: 6
Severity breakdown: CRITICAL 39, HIGH 408, MEDIUM 478, LOW 5
Vulnerabilities
Page 36 of 47
CVE-2019-0002 [CRITICAL] CVSS 9.8, CWE-794, 2019-01-15
CVE-2019-0002: On EX2300 and EX3400 series, stateless firewall filter configuration that uses the action 'policer' in combination with other actions might not take effect. When this issue occurs, the output of the command: show pfe filter hw summary will not show the entry for: RACL group Affected re
juniper
CVE-2019-0001 [HIGH] CVSS 7.5, CWE-674, 2019-01-15
CVE-2019-0001: Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon (bbe-smgd), and lead to high CPU usage and a crash of the bbe-smgd service. Repeated receipt of the same packet c
juniper
CVE-2019-0014 [HIGH] CVSS 7.5, CWE-19, 2019-01-15
CVE-2019-0014: On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down. By continuously sending the offending packet, an attacker can repeatedly crash the FPC process causing a sustained Denial
juniper
CVE-2019-0012 [HIGH] CVSS 7.5, 2019-01-15
CVE-2019-0012: A Denial of Service (DoS) vulnerability in BGP in Juniper Networks Junos OS configured as a VPLS PE allows an attacker to craft a specific BGP message to cause the routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extend
juniper
CVE-2019-0010 [HIGH] CVSS 7.5, CWE-770, 2019-01-15
CVE-2019-0010: An SRX Series Service Gateway configured for Unified Threat Management (UTM) may experience a system crash with the error message "mbuf exceed" -- an indication of memory buffer exhaustion -- due to the receipt of crafted HTTP traffic. Each crafted HTTP packet inspected by UTM consumes mbuf
juniper
CVE-2019-0011 [MEDIUM] CVSS 6.5, 2019-01-15
CVE-2019-0011: The Junos OS kernel crashes after processing a specific incoming packet to the out of band management interface (such as fxp0, me0, em0, vme0) destined for another address. By continuously sending this type of packet, an attacker can repeatedly crash the kernel causing a sustained Denial of Serv
juniper
CVE-2019-0009 [MEDIUM] CVSS 5.5, 2019-01-15
CVE-2019-0009: On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE). In a virtual chassis (VC) deployment, this issue disrupts communication between the VC members. This issue does not affect other Junos platf
juniper
CVE-2019-0016 [MEDIUM] CVSS 6.5, 2019-01-15
CVE-2019-0016: A malicious authenticated user may be able to delete a device from the Junos Space database without the necessary privileges through crafted Ajax interactions obtained from another legitimate delete action performed by another administrative user. Affected releases are Juniper Networks Junos Spa
juniper
CVE-2019-0013 [MEDIUM] CVSS 6.5, CWE-19, 2019-01-15
CVE-2019-0013: The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received. While RPD restarts after a crash, repeated crashes can result in an extended Denial of Service (DoS) condition. This issue only affects IPv4 PIM. IPv6 PIM is unaffecte
juniper
CVE-2019-0005 [MEDIUM] CVSS 5.3, CWE-770, 2019-01-15
CVE-2019-0005: On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affec
juniper
CVE-2019-0015 [MEDIUM] CVSS 5.4, CWE-613, 2019-01-15
CVE-2019-0015: A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. A deleted dynamic VPN connection should be immediately disallowed from establishing new VPN connections. Due to an error in token caching,
juniper
CVE-2019-0017 [MEDIUM] CVSS 6.5, CWE-434, 2019-01-15
CVE-2019-0017: The Junos Space application, which allows Device Image files to be uploaded, has insufficient validity checking which may allow uploading of malicious images or scripts, or other content types. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1.
juniper
CVE-2019-0003 [MEDIUM] CVSS 5.9, CWE-617, 2019-01-15
CVE-2019-0003: When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, a reachable assertion failure occurs, causing the routing protocol daemon (rpd) process to crash with a core file being generate
juniper
CVE-2018-0044 [CRITICAL] CVSS 9.8, CWE-287, 2018-10-10
CVE-2018-0044: An insecure SSHD configuration in Juniper Device Manager (JDM) and host OS on Juniper NFX Series devices may allow remote unauthenticated access if any of the passwords on the system are empty. The affected SSHD configuration has the PermitEmptyPasswords option set to "yes". Affected r
juniper
CVE-2018-0051 [HIGH] CVSS 7.5, CWE-20, 2018-10-10
CVE-2018-0051: A Denial of Service vulnerability in the SIP application layer gateway (ALG) component of Junos OS based platforms allows an attacker to crash MS-PIC, MS-MIC, MS-MPC, MS-DPC or SRX flow daemon (flowd) process. This issue affects Junos OS devices with NAT or stateful firewall configuration i
juniper
CVE-2018-0046 [HIGH] CVSS 8.8, CWE-79, 2018-10-10
CVE-2018-0046: A reflected cross-site scripting vulnerability in OpenNMS included with Juniper Networks Junos Space may allow the stealing of sensitive information or session credentials from Junos Space administrators or perform administrative actions. This issue affects Juniper Networks Junos Space vers
juniper
CVE-2018-0048 [HIGH] CVSS 7.5, CWE-400, 2018-10-10
CVE-2018-0048: A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. This can have an adverse impact on the system performance and availability. This
juniper
CVE-2018-0047 [HIGH] CVSS 8.0, CWE-79, 2018-10-10
CVE-2018-0047: A persistent cross-site scripting vulnerability in the UI framework used by Junos Space Security Director may allow authenticated users to inject persistent and malicious scripts. This may allow stealing of information or performing actions as a different user when other users access the Se
juniper
CVE-2018-0045 [HIGH] CVSS 8.8, CWE-20, 2018-10-10
CVE-2018-0045: Receipt of a specific Draft-Rosen MVPN control packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution. By continuously sending the same specific Draft-Rosen MVPN control packet, an attacker can repeatedly crash the RPD process ca
juniper
CVE-2018-0043 [HIGH] CVSS 8.8, CWE-20, 2018-10-10
CVE-2018-0043: Receipt of a specific MPLS packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution. By continuously sending specific MPLS packets, an attacker can repeatedly crash the RPD process causing a sustained Denial of Service. This issue
juniper