Juniper Session And Resource Control vulnerabilities

CVE-2021-31381 [MEDIUM] CWE-16 CVE-2021-31381: A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to delete files which may allow the attacker to disrupt the integrity and availability of the system.

CVE-2021-31352 [MEDIUM] CWE-200 CVE-2021-31352: An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which could allow a remote attacker to obtain sensitive information. A remote attacker with read and write access to network data could exploit this vulnerability to display plaintext bits from a block

CVE-2021-31380 [MEDIUM] CWE-16 CVE-2021-31380: A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to disclose sensitive information in the HTTP response which allows the attacker to obtain sensitive information.

CVE-2008-0960 [CRITICAL] CWE-287 CVE-2008-0960: SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x befor SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nex