CVSS: 5.3EPSS: 0%CPEs: 128EXPL: 0CVE-2018-0061 – Junos OS: Denial of service in telnetd
https://notcve.org/view.php?id=CVE-2018-0061
10 Oct 2018 — A denial of service vulnerability in the telnetd service on Junos OS allows remote unauthenticated users to cause high CPU usage which may affect system performance. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D81 on SRX Series; 12.3 versions prior to 12.3R12-S11; 12.3X48 versions prior to 12.3X48-D80 on SRX Series; 15.1 versions prior to 15.1R7; 15.1X49 versions prior to 15.1X49-D150, 15.1X49-D160 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400 S... • http://www.securitytracker.com/id/1041859 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 205EXPL: 0CVE-2018-0045 – Junos OS: RPD daemon crashes due to receipt of specific Draft-Rosen MVPN control packet in Draft-Rosen MVPN configuration
https://notcve.org/view.php?id=CVE-2018-0045
10 Oct 2018 — Receipt of a specific Draft-Rosen MVPN control packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution. By continuously sending the same specific Draft-Rosen MVPN control packet, an attacker can repeatedly crash the RPD process causing a prolonged denial of service. This issue may occur when the Junos OS device is configured for Draft-Rosen multicast virtual private network (MVPN). The VPN is multicast-enabled and configured to use Protocol Indepe... • http://www.securitytracker.com/id/1041848 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 152EXPL: 0CVE-2018-0049 – Junos OS: Receipt of a specifically crafted malicious MPLS packet leads to a Junos kernel crash.
https://notcve.org/view.php?id=CVE-2018-0049
10 Oct 2018 — A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to cause the Junos OS kernel to crash. Continued receipt of this specifically crafted malicious MPLS packet will cause a sustained Denial of Service condition. This issue require it to be received on an interface configured to receive this type of traffic. Affected releases are Juniper Networks Junos OS: 12.1X46 versions above and including 12.1X46-D76 prior to 12.1X46-D81 on SRX100, SRX110, SRX210, SRX220, SRX240m, SRX... • http://www.securityfocus.com/bid/105701 • CWE-476: NULL Pointer Dereference •
CVSS: 9.6EPSS: 0%CPEs: 27EXPL: 0CVE-2018-0057 – Junos OS: authd allows assignment of IP address requested by DHCP subscriber logging in with Option 50 (Requested IP Address)
https://notcve.org/view.php?id=CVE-2018-0057
10 Oct 2018 — On MX Series and M120/M320 platforms configured in a Broadband Edge (BBE) environment, subscribers logging in with DHCP Option 50 to request a specific IP address will be assigned the requested IP address, even if there is a static MAC to IP address binding in the access profile. In the problem scenario, with a hardware-address and IP address configured under address-assignment pool, if a subscriber logging in with DHCP Option 50, the subscriber will not be assigned an available address from the matched poo... • https://kb.juniper.net/JSA10892 •
CVSS: 5.9EPSS: 0%CPEs: 83EXPL: 0CVE-2018-0060 – Junos OS: Invalid IP/mask learned from DHCP server might cause device control daemon (dcd) process crash
https://notcve.org/view.php?id=CVE-2018-0060
10 Oct 2018 — An improper input validation weakness in the device control daemon process (dcd) of Juniper Networks Junos OS allows an attacker to cause a Denial of Service to the dcd process and interfaces and connected clients when the Junos device is requesting an IP address for itself. Junos devices are not vulnerable to this issue when not configured to use DHCP. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D40 on SRX Series; 12.3X48 versions prior to 12.3X48-D20 on SRX Series; 1... • http://www.securitytracker.com/id/1041858 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 122EXPL: 0CVE-2018-0062 – Junos OS: Denial of Service in J-Web
https://notcve.org/view.php?id=CVE-2018-0062
10 Oct 2018 — A Denial of Service vulnerability in J-Web service may allow a remote unauthenticated user to cause Denial of Service which may prevent other users to authenticate or to perform J-Web operations. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D60 on SRX Series; 15.1 versions prior to 15.1R7; 15.1F6; 15.1X49 versions prior to 15.1X49-D120 on SRX Series; 15.1X53 versions prior to 15.1X5... • http://www.securitytracker.com/id/1041860 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-0063 – Junos OS: Nexthop index allocation failed: private index space exhausted after incoming ARP requests to management interface
https://notcve.org/view.php?id=CVE-2018-0063
10 Oct 2018 — A vulnerability in the IP next-hop index database in Junos OS 17.3R3 may allow a flood of ARP requests, sent to the management interface, to exhaust the private Internal routing interfaces (IRIs) next-hop limit. Once the IRI next-hop database is full, no further next hops can be learned and existing entries cannot be cleared, leading to a sustained denial of service (DoS) condition. An indicator of compromise for this issue is the report of the following error message: %KERN-4: Nexthop index allocation fail... • http://www.securitytracker.com/id/1041861 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2018-0053 – vSRX Series: A local authentication vulnerability may lead to full control of a vSRX instance while the system is booting.
https://notcve.org/view.php?id=CVE-2018-0053
10 Oct 2018 — An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system without authentication when the system is initially booted up. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D30 on vSRX. Una vulnerabilidad de omisión de autenticación en la secuencia de arranque inicial en Juniper Networks Junos OS en vSRX Series podría permitir que un atacante obtenga el control total ... • http://www.securitytracker.com/id/1041854 • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-0044 – NFX Series: Insecure sshd configuration in Juniper Device Manager (JDM) and host OS
https://notcve.org/view.php?id=CVE-2018-0044
10 Oct 2018 — An insecure SSHD configuration in Juniper Device Manager (JDM) and host OS on Juniper NFX Series devices may allow remote unauthenticated access if any of the passwords on the system are empty. The affected SSHD configuration has the PermitEmptyPasswords option set to "yes". Affected releases are Juniper Networks Junos OS: 18.1 versions prior to 18.1R4 on NFX Series. Una configuración SSHD insegura en Juniper Device Manager (JDM) y el sistema operativo del host en dispositivos Juniper NFX Series podría perm... • http://www.securityfocus.com/bid/105565 • CWE-287: Improper Authentication •
CVSS: 9.3EPSS: 0%CPEs: 143EXPL: 0CVE-2018-0052 – Junos OS: Unauthenticated remote root access possible when RSH service is enabled
https://notcve.org/view.php?id=CVE-2018-0052
10 Oct 2018 — If RSH service is enabled on Junos OS and if the PAM authentication is disabled, a remote unauthenticated attacker can obtain root access to the device. RSH service is disabled by default on Junos. There is no documented CLI command to enable this service. However, an undocumented CLI command allows a privileged Junos user to enable RSH service and disable PAM, and hence expose the system to unauthenticated root access. When RSH is enabled, the device is listing to RSH connections on port 514. • http://www.securitytracker.com/id/1041853 • CWE-287: Improper Authentication •