Juniper Networks Junos Os vulnerabilities

CVE-2018-0045 [HIGH] CWE-20 CVE-2018-0045: Receipt of a specific Draft-Rosen MVPN control packet may cause the routing protocol daemon (RPD) pr Receipt of a specific Draft-Rosen MVPN control packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution. By continuously sending the same specific Draft-Rosen MVPN control packet, an attacker can repeatedly crash the RPD process causing a prolonged denial of service. This issue may occur when th

CVE-2018-0043 [HIGH] CWE-20 CVE-2018-0043: Receipt of a specific MPLS packet may cause the routing protocol daemon (RPD) process to crash and r Receipt of a specific MPLS packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution. By continuously sending specific MPLS packets, an attacker can repeatedly crash the RPD process causing a sustained Denial of Service. This issue affects both IPv4 and IPv6. This issue can only be exploited from

CVE-2018-0044 [HIGH] CWE-287 CVE-2018-0044: An insecure SSHD configuration in Juniper Device Manager (JDM) and host OS on Juniper NFX Series dev An insecure SSHD configuration in Juniper Device Manager (JDM) and host OS on Juniper NFX Series devices may allow remote unauthenticated access if any of the passwords on the system are empty. The affected SSHD configuration has the PermitEmptyPasswords option set to "yes". Affected releases are Juniper Networks Junos OS: 18.1 versions prior to 18.1R4

CVE-2018-0061 [MEDIUM] CWE-400 CVE-2018-0061: A denial of service vulnerability in the telnetd service on Junos OS allows remote unauthenticated u A denial of service vulnerability in the telnetd service on Junos OS allows remote unauthenticated users to cause high CPU usage which may affect system performance. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D81 on SRX Series; 12.3 versions prior to 12.3R12-S11; 12.3X48 versions prior to 12.3X48-D80 on SRX Seri

CVE-2018-0050 [MEDIUM] CWE-20 CVE-2018-0050: An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allow An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prio

CVE-2018-0055 [MEDIUM] CWE-20 CVE-2018-0055: Receipt of a specially crafted DHCPv6 message destined to a Junos OS device configured as a DHCP ser Receipt of a specially crafted DHCPv6 message destined to a Junos OS device configured as a DHCP server in a Broadband Edge (BBE) environment may result in a jdhcpd daemon crash. The daemon automatically restarts without intervention, but a continuous receipt of crafted DHCPv6 packets could leaded to an extended denial of service condition. This issue

CVE-2018-0054 [MEDIUM] CWE-400 CVE-2018-0054: On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause frames or an ARP packet storm r On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause frames or an ARP packet storm received on the management interface (fxp0) can cause egress interface congestion, resulting in routing protocol packet drops, such as BGP, leading to peering flaps. The following log message may also be displayed: fpc0 dcbcm_check_stuck_buffers: Buffers

CVE-2018-0051 [MEDIUM] CWE-20 CVE-2018-0051: A Denial of Service vulnerability in the SIP application layer gateway (ALG) component of Junos OS b A Denial of Service vulnerability in the SIP application layer gateway (ALG) component of Junos OS based platforms allows an attacker to crash MS-PIC, MS-MIC, MS-MPC, MS-DPC or SRX flow daemon (flowd) process. This issue affects Junos OS devices with NAT or stateful firewall configuration in combination with the SIP ALG enabled. SIP ALG is enabled by d

CVE-2018-0056 [MEDIUM] CWE-20 CVE-2018-0056: If a duplicate MAC address is learned by two different interfaces on an MX Series device, the MAC ad If a duplicate MAC address is learned by two different interfaces on an MX Series device, the MAC address learning function correctly flaps between the interfaces. However, the Layer 2 Address Learning Daemon (L2ALD) daemon might crash when attempting to delete the duplicate MAC address when the particular entry is not found in the internal MAC address

CVE-2018-0060 [MEDIUM] CWE-20 CVE-2018-0060: An improper input validation weakness in the device control daemon process (dcd) of Juniper Networks An improper input validation weakness in the device control daemon process (dcd) of Juniper Networks Junos OS allows an attacker to cause a Denial of Service to the dcd process and interfaces and connected clients when the Junos device is requesting an IP address for itself. Junos devices are not vulnerable to this issue when not configured to use DHCP

CVE-2018-0053 [MEDIUM] CWE-287 CVE-2018-0053: An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system without authentication when the system is initially booted up. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D30 on vSRX.

CVE-2018-0063 [MEDIUM] CWE-400 CVE-2018-0063: A vulnerability in the IP next-hop index database in Junos OS 17.3R3 may allow a flood of ARP reques A vulnerability in the IP next-hop index database in Junos OS 17.3R3 may allow a flood of ARP requests, sent to the management interface, to exhaust the private Internal routing interfaces (IRIs) next-hop limit. Once the IRI next-hop database is full, no further next hops can be learned and existing entries cannot be cleared, leading to a sustained de

CVE-2018-0037 [CRITICAL] CWE-20 CVE-2018-0037: Junos OS routing protocol daemon (RPD) process may crash and restart or may lead to remote code exec Junos OS routing protocol daemon (RPD) process may crash and restart or may lead to remote code execution while processing specific BGP NOTIFICATION messages. By continuously sending crafted BGP NOTIFICATION messages, an attacker can repeatedly crash the RPD process causing a sustained Denial of Service. Due to design improvements, this issue does no

CVE-2018-0035 [CRITICAL] CVE-2018-0035: QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53- QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53-D31, 15.1X53-D32, 15.1X53-D33 and 15.1X53-D60 or have been upgraded to these releases using the .bin or .iso images may contain an unintended additional Open Network Install Environment (ONIE) partition. This additional partition allows the superuser to reboo

CVE-2018-0026 [HIGH] CVE-2018-0026: After Junos OS device reboot or upgrade, the stateless firewall filter configuration may not take ef After Junos OS device reboot or upgrade, the stateless firewall filter configuration may not take effect. This issue can be verified by running the command: user@re0> show interfaces extensive | match filters" CAM destination filters: 0, CAM source filters: 0 Note: when the issue occurs, it does not show the applied firewall filter. The correct output should sh

CVE-2018-0025 [HIGH] CWE-300 CVE-2018-0025: When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a cl When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a man-in-the-middle attack or by authentic servers subverted by m

CVE-2018-0030 [HIGH] CWE-400 CVE-2018-0030: Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) line cards or PTX1K Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) line cards or PTX1K to crash and restart. By continuously sending specific MPLS packets, an attacker can repeatedly crash the line cards or PTX1K causing a sustained Denial of Service. Affected releases are Juniper Networks Junos OS with MPC7/8/9 or PTX-FPC3 (FPC-P1, FPC-P2)

CVE-2018-0024 [HIGH] CWE-269 CVE-2018-0024: An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allow An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D45 on SRX Series; 12.3X48 versions prior to 12.3X48-D20 on SRX Series; 12.3 versions prior to

CVE-2018-0032 [HIGH] CWE-20 CVE-2018-0032: The receipt of a crafted BGP UPDATE can lead to a routing process daemon (RPD) crash and restart. Re The receipt of a crafted BGP UPDATE can lead to a routing process daemon (RPD) crash and restart. Repeated receipt of the same crafted BGP UPDATE can result in an extended denial of service condition for the device. This issue only affects the specific versions of Junos OS listed within this advisory. Earlier releases are unaffected by this vulnerability

CVE-2018-0029 [MEDIUM] CWE-400 CVE-2018-0029: While experiencing a broadcast storm, placing the fxp0 interface into promiscuous mode via the 'moni While experiencing a broadcast storm, placing the fxp0 interface into promiscuous mode via the 'monitor traffic interface fxp0' can cause the system to crash and restart (vmcore). This issue only affects Junos OS 15.1 and later releases, and affects both single core and multi-core REs. Releases prior to Junos OS 15.1 are unaffected by this vulnerabili