CVSS: 8.8EPSS: 0%CPEs: 50EXPL: 0CVE-2021-0278 – Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to root.
https://notcve.org/view.php?id=CVE-2021-0278
15 Jul 2021 — An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device. junos:18.3R3-S5 junos:18.4R3-S9 junos:19.1R3-S6 junos:19.3R2-S6 junos:19.3R3-S3 junos:19.4R1-S4 junos:19.4R3-S4 junos:20.1R2-S2 junos:20.1R3 junos:20.2R3-S1 junos:20.3X75-D20 junos:20.3X75-D30 junos:20.4R2-S1 junos:20.4R3 junos:21.1R1-S1 junos:21.1R2 junos:21.2R1 junos:21.3R1 This issue affects: Juniper Networks Junos OS 19.3 ve... • https://kb.juniper.net/JSA11182 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 263EXPL: 0CVE-2021-0277 – Junos OS and Junos OS Evolved: LLDP Out-of-Bounds Read vulnerability in l2cpd
https://notcve.org/view.php?id=CVE-2021-0277
15 Jul 2021 — An Out-of-bounds Read vulnerability in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS), or may lead to remote code execution (RCE). Continued receipt and processing of these frames, sent from the local broadcast domain, will repeatedly crash the l2cpd process and sustain the Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: ... • https://kb.juniper.net/JSA11181 • CWE-125: Out-of-bounds Read •
CVSS: 7.4EPSS: 0%CPEs: 23EXPL: 0CVE-2021-0267 – Junos OS: Receipt of a crafted DHCP packet will cause the jdhcpd DHCP service to core.
https://notcve.org/view.php?id=CVE-2021-0267
22 Apr 2021 — An Improper Input Validation vulnerability in the active-lease query portion in JDHCPD's DHCP Relay Agent of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending a crafted DHCP packet to the device thereby crashing the jdhcpd DHCP service. This is typically configured for Broadband Subscriber Sessions. Continued receipt and processing of this crafted packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS: 19.4 vers... • https://kb.juniper.net/JSA11158 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2021-0266 – cSRX: Use of Hard-coded Cryptographic Keys allows an attacker to take control of the device through device management services.
https://notcve.org/view.php?id=CVE-2021-0266
22 Apr 2021 — The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. This issue affects: Juniper Networks Junos OS on cSRX Series: All versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2. El uso de múltiples claves criptográficas embebidas en el software de la serie cSRX en Juniper Networks Junos OS, permite a un atacante tomar el co... • https://kb.juniper.net/JSA11157 • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •
CVSS: 7.5EPSS: 0%CPEs: 67EXPL: 0CVE-2021-0264 – Junos OS and Junos OS Evolved: MX Series with MPC10/MPC11, PTX10003, PTX10008: Line card may crash and restart when traffic is hitting a firewall filter having a term with syslog action configured
https://notcve.org/view.php?id=CVE-2021-0264
22 Apr 2021 — A vulnerability in the processing of traffic matching a firewall filter containing a syslog action in Juniper Networks Junos OS on MX Series with MPC10/MPC11 cards installed, PTX10003 and PTX10008 Series devices, will cause the line card to crash and restart, creating a Denial of Service (DoS). Continued receipt and processing of packets matching the firewall filter can create a sustained Denial of Service (DoS) condition. When traffic hits the firewall filter, configured on lo0 or any physical interface on... • https://kb.juniper.net/JSA11155 • CWE-703: Improper Check or Handling of Exceptional Conditions CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.9EPSS: 0%CPEs: 124EXPL: 0CVE-2021-0263 – Junos OS: PTX Series: Denial of Service in packet processing due to heavy route churn when J-Flow sampling is enabled
https://notcve.org/view.php?id=CVE-2021-0263
22 Apr 2021 — A Data Processing vulnerability in the Multi-Service process (multi-svcs) on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service (DoS) condition . The Multi-Service Process running on the FPC is responsible for handling sampling-related operations when a J-Flow configuration is activated. This can occur during periods of heavy route churn, causing the Multi-Ser... • https://kb.juniper.net/JSA11154 • CWE-19: Data Processing Errors •
CVSS: 7.4EPSS: 0%CPEs: 204EXPL: 0CVE-2021-0259 – Junos OS and Junos OS Evolved: QFX5K Series: Underlay network traffic might not be processed upon receipt of high rate of specific genuine overlay packets in VXLAN scenario
https://notcve.org/view.php?id=CVE-2021-0259
22 Apr 2021 — Due to a vulnerability in DDoS protection in Juniper Networks Junos OS and Junos OS Evolved on QFX5K Series switches in a VXLAN configuration, instability might be experienced in the underlay network as a consequence of exceeding the default ddos-protection aggregate threshold. If an attacker on a client device on the overlay network sends a high volume of specific, legitimate traffic in the overlay network, due to an improperly detected DDoS violation, the leaf might not process certain L2 traffic, sent by... • https://kb.juniper.net/JSA11150 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.5EPSS: 0%CPEs: 149EXPL: 0CVE-2021-0257 – Junos OS: MX Series, EX9200 Series: Trio-based MPCs memory leak in VPLS with integrated routing and bridging (IRB) interface
https://notcve.org/view.php?id=CVE-2021-0257
22 Apr 2021 — On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPCs (Modular Port Concentrators) where Integrated Routing and Bridging (IRB) interfaces are configured and mapped to a VPLS instance or a Bridge-Domain, certain Layer 2 network events at Customer Edge (CE) devices may cause memory leaks in the MPC of Provider Edge (PE) devices which can cause an out of memory condition and MPC restart. When this issue occurs, there will be temporary traffic interruption until the MPC is restored. An ... • https://kb.juniper.net/JSA11148 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 183EXPL: 0CVE-2021-0256 – Junos OS: mosquitto Local Privilege Escalation vulnerability in SUID binaries
https://notcve.org/view.php?id=CVE-2021-0256
22 Apr 2021 — A sensitive information disclosure vulnerability in the mosquitto message broker of Juniper Networks Junos OS may allow a locally authenticated user with shell access the ability to read portions of sensitive files, such as the master.passwd file. Since mosquitto is shipped with setuid permissions enabled and is owned by the root user, this vulnerability may allow a local privileged user the ability to run mosquitto with root privileges and access sensitive information stored on the local filesystem. This i... • https://kb.juniper.net/JSA11175 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 183EXPL: 0CVE-2021-0255 – Junos OS: ethtraceroute Local Privilege Escalation vulnerability in SUID binaries
https://notcve.org/view.php?id=CVE-2021-0255
22 Apr 2021 — A local privilege escalation vulnerability in ethtraceroute of Juniper Networks Junos OS may allow a locally authenticated user with shell access to escalate privileges and write to the local filesystem as root. ethtraceroute is shipped with setuid permissions enabled and is owned by the root user, allowing local users to run ethtraceroute with root privileges. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D240; 17.3 versions prior to 17.3R3-S11, 17.4 versions prior to 17.4... • https://kb.juniper.net/JSA11175 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •