Juniper Junos Os vulnerabilities

CVE-2018-0034 [MEDIUM] CWE-20 CVE-2018-0034: A Denial of Service vulnerability exists in the Juniper Networks Junos OS JDHCPD daemon which allows an attacker to core the JDHCPD daemon by sending CVE-2018-0034: A Denial of Service vulnerability exists in the Juniper Networks Junos OS JDHCPD daemon which allows an attacker to core the JDHCPD daemon by sending a crafted IPv6 packet to the system. This issue is limited to systems which receives IPv6 DHCP packets on a system configured for DHCP proce

CVE-2018-0031 [MEDIUM] CWE-400 CVE-2018-0031: Receipt of specially crafted UDP/IP packets over MPLS may be able to bypass a stateless firewall filter. The crafted UDP packets must be encapsulated CVE-2018-0031: Receipt of specially crafted UDP/IP packets over MPLS may be able to bypass a stateless firewall filter. The crafted UDP packets must be encapsulated and meet a very specific packet format to be classified in a way that bypasses IP firewall filter rules. The packets themselves do not caus

CVE-2018-0026 [MEDIUM] CVE-2018-0026: After Junos OS device reboot or upgrade, the stateless firewall filter configuration may not take effect. This issue can be verified by running the co CVE-2018-0026: After Junos OS device reboot or upgrade, the stateless firewall filter configuration may not take effect. This issue can be verified by running the command: user@re0> show interfaces extensive | match filters" CAM destination filters: 0, CAM source filters: 0 Note: when the issue occurs, it does

CVE-2018-0016 [CRITICAL] CVE-2018-0016: Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel cr CVE-2018-0016: Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. Devices are only vulnerable to the specially crafted CLNP datagram if 'clns-routing' or ES-IS is explicitl

CVE-2018-0018 [HIGH] CWE-200 CVE-2018-0018: On SRX Series devices during compilation of IDP policies, an attacker sending specially crafted packets may be able to bypass firewall rules, leading CVE-2018-0018: On SRX Series devices during compilation of IDP policies, an attacker sending specially crafted packets may be able to bypass firewall rules, leading to information disclosure which an attacker may use to gain control of the target device or other internal devices, systems or services prote

CVE-2018-0022 [HIGH] CWE-400 CVE-2018-0022: A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS pac CVE-2018-0022: A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS packet. Approximately 1 mbuf is leaked per each packet processed. The number of mbufs is platform dependent. The following command provides the

CVE-2018-0021 [HIGH] CVE-2018-0021: If all 64 digits of the connectivity association name (CKN) key or all 32 digits of the connectivity association key (CAK) key are not configured, all CVE-2018-0021: If all 64 digits of the connectivity association name (CKN) key or all 32 digits of the connectivity association key (CAK) key are not configured, all remaining digits will be auto-configured to 0. Hence, Juniper devices configured with short MacSec keys are at risk to an increased likelihood that

CVE-2018-0020 [HIGH] CWE-20 CVE-2018-0020: Junos OS may be impacted by the receipt of a malformed BGP UPDATE which can lead to a routing process daemon (rpd) crash and restart. Receipt of a rep CVE-2018-0020: Junos OS may be impacted by the receipt of a malformed BGP UPDATE which can lead to a routing process daemon (rpd) crash and restart. Receipt of a repeated malformed BGP UPDATEs can result in an extended denial of service condition for the device. This malformed BGP UPDATE does not propagat

CVE-2018-0017 [HIGH] CWE-20 CVE-2018-0017: A vulnerability in the Network Address Translation - Protocol Translation (NAT-PT) feature of Junos OS on SRX series devices may allow a certain valid CVE-2018-0017: A vulnerability in the Network Address Translation - Protocol Translation (NAT-PT) feature of Junos OS on SRX series devices may allow a certain valid IPv6 packet to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition for the SR

CVE-2018-0019 [MEDIUM] CWE-20 CVE-2018-0019: A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may allow a remote network based attacker to cause the mib2d process to crash resultin CVE-2018-0019: A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may allow a remote network based attacker to cause the mib2d process to crash resulting in a denial of service condition (DoS) for the SNMP subsystem. While a mib2d process crash can disrupt the network monitoring via SNMP, i

CVE-2018-0023 [MEDIUM] CWE-276 CVE-2018-0023: JSNAPy is an open source python version of Junos Snapshot Administrator developed by Juniper available through github. The default configuration and s CVE-2018-0023: JSNAPy is an open source python version of Junos Snapshot Administrator developed by Juniper available through github. The default configuration and sample files of JSNAPy automation tool versions prior to 1.3.0 are created world writable. This insecure file and directory permission allo

CVE-2014-3413 [CRITICAL] CWE-798 CVE-2014-3413: The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote attackers t CVE-2014-3413: The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote attackers to obtain sensitive information and consequently obtain administrative control by leveraging database access.

CVE-2018-0007 [CRITICAL] CWE-77 CVE-2018-0007: An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may CVE-2018-0007: An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a denial o

CVE-2018-0001 [CRITICAL] CWE-416 CVE-2018-0001: A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection CVE-2018-0001: A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS: 12.1X46 v

CVE-2018-0002 [HIGH] CWE-119 CVE-2018-0002: On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in CVE-2018-0002: On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash. Sustained crafted response packets lead to repeated crashes of the flowd daemon which resu

CVE-2018-0012 [HIGH] CVE-2018-0012: Junos Space is affected by a privilege escalation vulnerability that may allow a local authenticated attacker to gain root privileges. CVE-2018-0012: Junos Space is affected by a privilege escalation vulnerability that may allow a local authenticated attacker to gain root privileges.

CVE-2018-0005 [HIGH] CWE-754 CVE-2018-0005: QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can l CVE-2018-0005: QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended conditions. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X5

CVE-2018-0004 [MEDIUM] CWE-400 CVE-2018-0004: A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS regis CVE-2018-0004: A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsystem when a specific command is issued to the device. This affects one or more threads an

CVE-2018-0008 [MEDIUM] CWE-287 CVE-2018-0008: An unauthenticated root login may allow upon reboot when a commit script is used. A commit script allows a device administrator to execute certain ins CVE-2018-0008: An unauthenticated root login may allow upon reboot when a commit script is used. A commit script allows a device administrator to execute certain instructions during commit, which is configured under the [system scripts commit] stanza. Certain commit scripts that work without a problem

CVE-2018-0011 [MEDIUM] CWE-79 CVE-2018-0011: A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and CVE-2018-0011: A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device.