CVSS: 7.5EPSS: 0%CPEs: 259EXPL: 0CVE-2019-0065 – Junos OS: MX Series: Denial of Service vulnerability in MS-PIC component on MS-MIC or MS-MPC
https://notcve.org/view.php?id=CVE-2019-0065
09 Oct 2019 — On MX Series, when the SIP ALG is enabled, receipt of a certain malformed SIP packet may crash the MS-PIC component on MS-MIC or MS-MPC. By continuously sending a crafted SIP packet, an attacker can repeatedly bring down MS-PIC on MS-MIC/MS-MPC causing a sustained Denial of Service. This issue affects Juniper Networks Junos OS on MX Series: 16.1 versions prior to 16.1R7-S5; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3-S3; 17.3 versions prior to 17.3R3-S6 ; ... • https://kb.juniper.net/JSA10964 •
CVSS: 7.5EPSS: 0%CPEs: 340EXPL: 0CVE-2019-0063 – Junos OS: MX Series: jdhcpd crash when receiving a specific crafted DHCP response message
https://notcve.org/view.php?id=CVE-2019-0063
09 Oct 2019 — When an MX Series Broadband Remote Access Server (BRAS) is configured as a Broadband Network Gateway (BNG) with DHCPv6 enabled, jdhcpd might crash when receiving a specific crafted DHCP response message on a subscriber interface. The daemon automatically restarts without intervention, but continuous receipt of specific crafted DHCP messages will repeatedly crash jdhcpd, leading to an extended Denial of Service (DoS) condition. This issue only affects systems configured with DHCPv6 enabled. DHCPv4 is unaffec... • https://kb.juniper.net/JSA10962 •
CVSS: 8.8EPSS: 0%CPEs: 263EXPL: 0CVE-2019-0062 – Junos OS: Session fixation vulnerability in J-Web
https://notcve.org/view.php?id=CVE-2019-0062
09 Oct 2019 — A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15 on EX Series; 12.3X48 versions prior to 12.3X48-D85 on SRX Series; 14.1X53 versions prior to 14.1X53-D51; 15.1 versions prior to 15.1F6-S13, 15.1R7-S5; 15.1X49 versions prior to 15.1X49-D180 on SRX Series; 1... • https://kb.juniper.net/JSA10961 • CWE-384: Session Fixation •
CVSS: 7.8EPSS: 0%CPEs: 111EXPL: 0CVE-2019-0061 – Junos OS: Insecure management daemon (MGD) configuration may allow local privilege escalation
https://notcve.org/view.php?id=CVE-2019-0061
09 Oct 2019 — The management daemon (MGD) is responsible for all configuration and management operations in Junos OS. The Junos CLI communicates with MGD over an internal unix-domain socket and is granted special permission to open this protected mode socket. Due to a misconfiguration of the internal socket, a local, authenticated user may be able to exploit this vulnerability to gain administrative privileges. This issue only affects Linux-based platforms. FreeBSD-based platforms are unaffected by this vulnerability. • https://kb.juniper.net/JSA10960 • CWE-657: Violation of Secure Design Principles •
CVSS: 7.5EPSS: 0%CPEs: 100EXPL: 0CVE-2019-0060 – Junos OS: SRX Series: flowd process crash due to processing of specific transit IP packets
https://notcve.org/view.php?id=CVE-2019-0060
09 Oct 2019 — The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service (DoS) condition. This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 ... • https://kb.juniper.net/JSA10959 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-0057 – NFX Series: An attacker may be able to take control of the JDM application and subsequently the entire system.
https://notcve.org/view.php?id=CVE-2019-0057
09 Oct 2019 — An improper authorization weakness in Juniper Networks Junos OS allows a local authenticated attacker to bypass regular security controls to access the Junos Device Manager (JDM) application and take control of the system. This issue affects: Juniper Networks Junos OS versions prior to 18.2R1, 18.2X75-D5. Una debilidad de autorización inapropiada en Juniper Networks Junos OS, permite a un atacante autenticado local omitir los controles de seguridad regulares para acceder a la aplicación Junos Device Manager... • https://kb.juniper.net/JSA10955 •
CVSS: 7.5EPSS: 0%CPEs: 119EXPL: 0CVE-2019-0051 – SRX5000 Series: Denial of Service vulnerability in SSL-Proxy feature.
https://notcve.org/view.php?id=CVE-2019-0051
09 Oct 2019 — SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation which can be exploited by remote SSL/TLS servers to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition. For this issue to occur, clients protected by the SRX device must initiate a connection to the malicious server. This issue affects: Juniper Networks Junos OS on SRX5000 Series: 12.3X48 versions prior to 12.3X48-D85; 15.1X49 versions prior to 15.1X49-D180; 17.3 ve... • https://kb.juniper.net/JSA10973 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.5EPSS: 0%CPEs: 64EXPL: 0CVE-2019-0050 – Junos OS: SRX1500: Denial of service due to crash of srxpfe process under heavy traffic conditions.
https://notcve.org/view.php?id=CVE-2019-0050
09 Oct 2019 — Under certain heavy traffic conditions srxpfe process can crash and result in a denial of service condition for the SRX1500 device. Repeated crashes of the srxpfe can result in an extended denial of service condition. The SRX device may fail to forward traffic when this condition occurs. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D170 on SRX1500; 17.3 versions prior to 17.3R3-S7 on SRX1500; 17.4 versions prior to 17.4R2-S8, 17.4R3 on SRX1500; 18.1 versions prior to 18... • https://kb.juniper.net/JSA10972 •
CVSS: 8.8EPSS: 0%CPEs: 197EXPL: 0CVE-2019-0047 – Junos OS: Persistent XSS vulnerability in J-Web
https://notcve.org/view.php?id=CVE-2019-0047
09 Oct 2019 — A persistent Cross-Site Scripting (XSS) vulnerability in Junos OS J-Web interface may allow remote unauthenticated attackers to perform administrative actions on the Junos device. Successful exploitation requires a Junos administrator to first perform certain diagnostic actions on J-Web. This issue affects: Juniper Networks Junos OS 12.1X46 versions prior to 12.1X46-D86; 12.3 versions prior to 12.3R12-S13; 12.3X48 versions prior to 12.3X48-D80; 14.1X53 versions prior to 14.1X53-D51; 15.1 versions prior to 1... • https://kb.juniper.net/JSA10970 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 193EXPL: 2CVE-2019-0053 – Junos OS: Insufficient validation of environment variables in telnet client may lead to stack-based buffer overflow
https://notcve.org/view.php?id=CVE-2019-0053
11 Jul 2019 — Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS. A stack-based overflow is present in the handling of environment variables when connecting via the telnet client to remote telnet servers. This issue only affects the telnet client — accessible from the CLI or shell — in Junos OS. Inbound telnet services are not affected by this issue. This issue affects: Juni... • https://github.com/dreamsmasher/inetutils-CVE-2019-0053-Patched-PKGBUILD • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •