Page 14 of 93 results (0.011 seconds)

CVSS: 7.5EPSS: 0%CPEs: 100EXPL: 0

The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 on SRX Series; 18.2 versions 18.2R2-S1 and later, prior to 18.2R3 on SRX Series; 18.4 versions prior to 18.4R2 on SRX Series. • https://kb.juniper.net/JSA10959 https://www.juniper.net/documentation/en_US/junos/topics/topic-map/ipsec-tunnel-traffic-configuration.html • CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 7.8EPSS: 0%CPEs: 39EXPL: 0

A vulnerability in the Veriexec subsystem of Juniper Networks Junos OS allowing an attacker to fully compromise the host system. A local authenticated user can elevate privileges to gain full control of the system even if they are specifically denied access to perform certain actions. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D80 on SRX Series. Una vulnerabilidad en el subsistema Veriexec de Juniper Networks Junos OS, permite a un atacante comprometer completamente el sistema host. Un usuario autenticado local puede elevar los privilegios para conseguir el control total del sistema, incluso si se le niega específicamente el acceso para realizar determinadas acciones. • https://kb.juniper.net/JSA10956 •

CVSS: 7.5EPSS: 0%CPEs: 135EXPL: 0

A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.3X48-D65 on SRX Series; 15.1X49 versions prior to 15.1X49-D130 on SRX Series; 17.3 versions prior to 17.3R3 on SRX Series; 17.4 versions prior to 17.4R2 on SRX Series. Una vulnerabilidad en el servicio de procesamiento de paquetes ALG SIP de Juniper Networks Junos OS, permite a un atacante causar una Denegación de servicio (DoS) al dispositivo mediante el envío de tipos específicos de tráfico SIP válido hacia el dispositivo. • https://kb.juniper.net/JSA10953 https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-sip-alg.html • CWE-130: Improper Handling of Length Parameter Inconsistency •

CVSS: 7.4EPSS: 0%CPEs: 41EXPL: 0

An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle (MitM) attacks which may compromise the integrity and confidentiality of the device. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D120 on SRX Series devices. No other versions of Junos OS are affected. Una debilidad de Comprobación de Certificado Inapropiada en el cliente de actualización de firma de SRX Series Application Identification (app-id) de Juniper Networks Junos OS, permite a un atacante realizar ataques de tipo Man-in-the-Middle (MitM) que pueden comprometer la integridad y confidencialidad del dispositivo . Este problema afecta a: Juniper Networks Junos OS versiones 15.1X49 anteriores a 15.1X49-D120 en dispositivos de la Serie SRX. • https://kb.juniper.net/JSA10952 https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-application-identification-overview.html • CWE-295: Improper Certificate Validation CWE-300: Channel Accessible by Non-Endpoint •

CVSS: 7.5EPSS: 0%CPEs: 64EXPL: 0

Under certain heavy traffic conditions srxpfe process can crash and result in a denial of service condition for the SRX1500 device. Repeated crashes of the srxpfe can result in an extended denial of service condition. The SRX device may fail to forward traffic when this condition occurs. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D170 on SRX1500; 17.3 versions prior to 17.3R3-S7 on SRX1500; 17.4 versions prior to 17.4R2-S8, 17.4R3 on SRX1500; 18.1 versions prior to 18.1R3-S8 on SRX1500; 18.2 versions prior to 18.2R3 on SRX1500; 18.3 versions prior to 18.3R2 on SRX1500; 18.4 versions prior to 18.4R2 on SRX1500. Bajo determinadas condiciones de tráfico pesado, el proceso srxpfe puede bloquearse y provocar una denegación de servicio para el dispositivo SRX1500. • https://kb.juniper.net/JSA10972 •