CVSS: 5.3EPSS: 0%CPEs: 198EXPL: 0CVE-2019-0005
https://notcve.org/view.php?id=CVE-2019-0005
15 Jan 2019 — On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS on EX and QFX series;: 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R7; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 series; 15.1X53 versions prior... • http://www.securityfocus.com/bid/106665 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 1%CPEs: 86EXPL: 0CVE-2019-0006 – Junos OS: EX, QFX and MX series: Packet Forwarding Engine manager (FXPC) process crashes due to a crafted HTTP packet in a Virtual Chassis configuration
https://notcve.org/view.php?id=CVE-2019-0006
15 Jan 2019 — A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis... • http://www.securityfocus.com/bid/106666 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.5EPSS: 0%CPEs: 23EXPL: 0CVE-2019-0014 – Junos OS: QFX and PTX Series: FPC process crashes after J-Flow processes a malformed packet
https://notcve.org/view.php?id=CVE-2019-0014
15 Jan 2019 — On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down. By continuously sending the offending packet, an attacker can repeatedly crash the FPC process causing a sustained Denial of Service (DoS). This issue affects both IPv4 and IPv6 packet processing. Affected releases are Juniper Networks Junos OS on QFX and PTX Series: 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1;... • http://www.securityfocus.com/bid/106556 • CWE-19: Data Processing Errors •
CVSS: 8.8EPSS: 0%CPEs: 295EXPL: 0CVE-2018-0043 – Junos OS: RPD daemon crashes upon receipt of specific MPLS packet
https://notcve.org/view.php?id=CVE-2018-0043
10 Oct 2018 — Receipt of a specific MPLS packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution. By continuously sending specific MPLS packets, an attacker can repeatedly crash the RPD process causing a sustained Denial of Service. This issue affects both IPv4 and IPv6. This issue can only be exploited from within the MPLS domain. End-users connected to the CE device cannot cause this crash. • http://www.securitytracker.com/id/1041847 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 131EXPL: 0CVE-2018-0054 – QFX5000/EX4600 Series: Routing protocol flap upon receipt of high rate of Ethernet frames
https://notcve.org/view.php?id=CVE-2018-0054
10 Oct 2018 — On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause frames or an ARP packet storm received on the management interface (fxp0) can cause egress interface congestion, resulting in routing protocol packet drops, such as BGP, leading to peering flaps. The following log message may also be displayed: fpc0 dcbcm_check_stuck_buffers: Buffers are stuck on queue 7 of port 45 This issue only affects the QFX5000 Series products (QFX5100, QFX5110, QFX5200, QFX5210) and the EX4600 switch. No other platf... • http://www.securitytracker.com/id/1041855 • CWE-400: Uncontrolled Resource Consumption •