CVSS: 7.2EPSS: 0%CPEs: 204EXPL: 0CVE-2018-0008 – Junos OS: commit script may allow unauthenticated root login upon reboot
https://notcve.org/view.php?id=CVE-2018-0008
An unauthenticated root login may allow upon reboot when a commit script is used. A commit script allows a device administrator to execute certain instructions during commit, which is configured under the [system scripts commit] stanza. Certain commit scripts that work without a problem during normal commit may cause unexpected behavior upon reboot which can leave the system in a state where root CLI login is allowed without a password due to the system reverting to a "safe mode" authentication state. Lastly, only logging in physically to the console port as root, with no password, will work. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D71 on SRX; 12.3X48 versions prior to 12.3X48-D55 on SRX; 14.1 versions prior to 14.1R9; 14.1X53 versions prior to 14.1X53-D40 on QFX, EX; 14.2 versions prior to 14.2R7-S9, 14.2R8; 15.1 versions prior to 15.1F5-S7, 15.1F6-S8, 15.1R5-S6, 15.1R6; 15.1X49 versions prior to 15.1X49-D110 on SRX; 15.1X53 versions prior to 15.1X53-D232 on QFX5200/5110; 15.1X53 versions prior to 15.1X53-D49, 15.1X53-D470 on NFX; 15.1X53 versions prior to 15.1X53-D65 on QFX10K; 16.1 versions prior to 16.1R2. • http://www.securitytracker.com/id/1040186 https://kb.juniper.net/JSA10835 https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 25EXPL: 0CVE-2017-2304
https://notcve.org/view.php?id=CVE-2017-2304
Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices running Junos OS 14.1X53 prior to 14.1X53-D40, 15.1X53 prior to 15.1X53-D40, 15.1 prior to 15.1R2, do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is also known as 'Etherleak' Los dispositivos QFX3500, QFX3600, QFX5100, QFX5200, EX4300 y EX4600 de Juniper Networks que ejecutan Junos OS 14.1X53 anteriores a 14.1X53-D40, 15.1X53 anteriores a 15.1X53-D40 y 15.1 anteriores a 15.1R2, no rellenan paquetes Ethernet con ceros por lo que algunos paquetes pueden contener fragmentos de memoria del sistema o datos de paquetes anteriores. Este problema también es conocido como "Etherleak" • http://www.securityfocus.com/bid/95403 http://www.securitytracker.com/id/1037593 https://kb.juniper.net/JSA10773 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 16EXPL: 0CVE-2016-1273
https://notcve.org/view.php?id=CVE-2016-1273
Juniper Junos OS before 13.2X51-D40, 14.x before 14.1X53-D30, and 15.x before 15.1X53-D20 on QFX5100 and QFX10002 switches do not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic encryption and authentication protection mechanisms via unspecified vectors. Juniper Junos OS en versiones anteriores a 13.2X51-D40, 14.x en versiones anteriores a 14.1X53-D30 y 15.x en versiones anteriores a 15.1X53-D20 en switches QFX5100 y QFX10002 no tienen suficiente entropía, lo que facilita a atacantes remotos romper el cifrado criptográfico y los mecanismos de protección de autenticación a través de vectores no especificados. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10746 • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2016-1274
https://notcve.org/view.php?id=CVE-2016-1274
Juniper Junos OS 14.1X53 before 14.1X53-D30 on QFX Series switches allows remote attackers to cause a denial of service (PFE panic) via a high rate of unspecified VXLAN packets. Juniper Junos OS 14.1X53 en versiones anteriores a 14.1X53-D30 en switches QFX Series permite a atacantes remotos provocar una denegación de servicio (pánico de PFE) a través de una tasa alta de paquetes VXLAN no especificados. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10747 • CWE-19: Data Processing Errors •
CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0CVE-2015-5357
https://notcve.org/view.php?id=CVE-2015-5357
The Juniper EX4600, QFX3500, QFX3600, and QFX5100 switches with Junos 13.2X51-D15 through 13.2X51-D25, 13.2X51 before 13.2X51-D30, and 14.1X53 before 14.1X53-D10 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. Los switches Juniper EX4600, QFX3500, QFX3600 y QFX5100 con Junos 13.2X51-D15 hasta 13.2X51-D25, 13.2X51 anterior a 13.2X51-D30 y 14.1X53 anterior a 14.1X53-D10, permiten a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través de vectores no especificados. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10684 http://www.securitytracker.com/id/1032847 • CWE-399: Resource Management Errors •