CVSS: 6.9EPSS: 0%CPEs: 218EXPL: 0CVE-2020-1618 – Junos OS: EX and QFX Series: Console port authentication bypass vulnerability
https://notcve.org/view.php?id=CVE-2020-1618
On Juniper Networks EX and QFX Series, an authentication bypass vulnerability may allow a user connected to the console port to login as root without any password. This issue might only occur in certain scenarios: • At the first reboot after performing device factory reset using the command “request system zeroize”; or • A temporary moment during the first reboot after the software upgrade when the device configured in Virtual Chassis mode. This issue affects Juniper Networks Junos OS on EX and QFX Series: 14.1X53 versions prior to 14.1X53-D53; 15.1 versions prior to 15.1R7-S4; 15.1X53 versions prior to 15.1X53-D593; 16.1 versions prior to 16.1R7-S4; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R3-S3; 17.3 versions prior to 17.3R2-S5, 17.3R3-S6; 17.4 versions prior to 17.4R2-S9, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R2; 18.3 versions prior to 18.3R1-S7, 18.3R2. This issue does not affect Juniper Networks Junos OS 12.3. En Juniper Networks EX y QFX Series, una vulnerabilidad de omisión de autenticación puede permitir a un usuario conectado al puerto de la consola iniciar sesión como root sin ninguna contraseña. • https://kb.juniper.net/JSA11001 • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 8.6EPSS: 0%CPEs: 344EXPL: 0CVE-2020-1613 – Junos OS: BGP session termination upon receipt of specific BGP FlowSpec advertisement.
https://notcve.org/view.php?id=CVE-2020-1613
A vulnerability in the BGP FlowSpec implementation may cause a Juniper Networks Junos OS device to terminate an established BGP session upon receiving a specific BGP FlowSpec advertisement. The BGP NOTIFICATION message that terminates an established BGP session is sent toward the peer device that originally sent the specific BGP FlowSpec advertisement. This specific BGP FlowSpec advertisement received from a BGP peer might get propagated from a Junos OS device running the fixed release to another device that is vulnerable causing BGP session termination downstream. This issue affects IPv4 and IPv6 BGP FlowSpec deployment. This issue affects Juniper Networks Junos OS: 12.3; 12.3X48 on SRX Series; 14.1X53 on EX and QFX Series; 15.1 versions prior to 15.1R7-S5; 15.1F versions prior to 15.1F6-S13; 15.1X49 versions prior to 15.1X49-D180 on SRX Series; 15.1X53 versions prior to 15.1X53-D238 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D497 on NFX Series; 15.1X53 versions prior to 15.1X53-D592 on EX2300/EX3400; 16.1 versions prior to 16.1R7-S7; 17.1 versions prior to 17.1R2-S12, 17.1R3; 17.2 versions prior to 17.2R2-S7, 17.2R3; 17.2X75 versions prior to 17.2X75-D102, 17.2X75-D110, 17.2X75-D44; 17.3 versions prior to 17.3R2-S5, 17.3R3-S5; 17.4 versions prior to 17.4R1-S8, 17.4R2; 18.1 versions prior to 18.1R2-S4, 18.1R3; 18.2X75 versions prior to 18.2X75-D20. • https://kb.juniper.net/JSA10996 • CWE-710: Improper Adherence to Coding Standards •
CVSS: 7.5EPSS: 0%CPEs: 278EXPL: 0CVE-2020-1607 – Junos OS: Cross-Site Scripting (XSS) in J-Web
https://notcve.org/view.php?id=CVE-2020-1607
Insufficient Cross-Site Scripting (XSS) protection in J-Web may potentially allow a remote attacker to inject web script or HTML, hijack the target user's J-Web session and perform administrative actions on the Junos device as the targeted user. This issue affects Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12.3X48-D86, 12.3X48-D90 on SRX Series; 14.1X53 versions prior to 14.1X53-D51 on EX and QFX Series; 15.1F6 versions prior to 15.1F6-S13; 15.1 versions prior to 15.1R7-S5; 15.1X49 versions prior to 15.1X49-D181, 15.1X49-D190 on SRX Series; 15.1X53 versions prior to 15.1X53-D238 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D592 on EX2300/EX3400 Series; 16.1 versions prior to 16.1R4-S13, 16.1R7-S5; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R3-S2; 17.3 versions prior to 17.3R2-S5, 17.3R3-S5; 17.4 versions prior to 17.4R2-S6, 17.4R3; 18.1 versions prior to 18.1R3-S7; 18.2 versions prior to 18.2R2-S5, 18.2R3; 18.3 versions prior to 18.3R1-S6, 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R2; 19.1 versions prior to 19.1R1-S2, 19.1R2. Una protección insuficiente contra ataques de tipo Cross-Site Scripting (XSS) en J-Web puede permitir potencialmente a un atacante remoto inyectar script web o HTML, secuestrar la sesión J-Web del usuario objetivo y llevar a cabo acciones administrativas en el dispositivo Junos como el usuario objetivo. Este problema afecta a las versiones de Juniper Networks Junos OS 12.3 anteriores a 12.3R12-S15; versiones 12.3X48 anteriores a 12.3X48-D86, 12.3X48-D90 en SRX Series; versiones 14.1X53 anteriores a 14.1X53-D51 en EX y QFX Series; versiones 15.1F6 anteriores a 15.1F6-S13; versiones 15.1 anteriores a 15.1R7-S5; versiones 15.1X49 anteriores a 15.1X49-D181, 15.1X49-D190 en SRX Series; versiones 15.1X53 anteriores a 15.1X53-D238 en QFX5200/QFX5110 Series; versiones 15.1X53 anteriores a 15.1X53-D592 en EX2300/EX3400 Series; versiones 16.1 anteriores a 16.1R4-S13, 16.1R7-S5; versiones 16.2 anteriores a 16.2R2-S10; versiones 17.1 anteriores a 17.1R2-S11, 17.1R3-S1; versiones 17.2 anteriores a 17.2R1-S9, 17.2R3-S2; versiones 17.3 anteriores a 17.3R2-S5, 17.3R3-S5; versiones 17.4 anteriores a 17.4R2-S6, 17.4R3; versiones 18.1 anteriores a 18.1R3-S7; versiones 18.2 anteriores a 18.2R2-S5, 18.2R3; versiones 18.3 anteriores a 18.3R1-S6, 18.3R2-S1, 18.3R3; versiones 18.4 anteriores a 18.4R1-S5, 18.4R2; versiones 19.1 anteriores a 19.1R1-S2, 19.1R2. • https://kb.juniper.net/JSA10986 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 115EXPL: 0CVE-2019-0074 – Junos OS: NFX150 Series, QFX10K Series, EX9200 Series, MX Series, PTX Series: Path traversal vulnerability in NFX150 and NG-RE leads to information disclosure.
https://notcve.org/view.php?id=CVE-2019-0074
A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and PTX Series devices with Next-Generation Routing Engine (NG-RE) allows a local authenticated user to read sensitive system files. This issue only affects NFX150 Series and QFX10K Series, EX9200 Series, MX Series and PTX Series with Next-Generation Routing Engine (NG-RE) which uses vmhost. This issue affects Juniper Networks Junos OS on NFX150 Series and QFX10K, EX9200 Series, MX Series and PTX Series with NG-RE and vmhost: 15.1F versions prior to 15.1F6-S12 16.1 versions starting from 16.1R6 and later releases, including the Service Releases, prior to 16.1R6-S6, 16.1R7-S3; 17.1 versions prior to 17.1R3; 17.2 versions starting from 17.2R1-S3, 17.2R3 and later releases, including the Service Releases, prior to 17.2R3-S1; 17.3 versions starting from 17.3R1-S1, 17.3R2 and later releases, including the Service Releases, prior to 17.3R3-S3; 17.4 versions starting from 17.4R1 and later releases, including the Service Releases, prior to 17.4R1-S6, 17.4R2-S2, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S3; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S2, 18.3R2; 18.4 versions prior to 18.4R1-S1, 18.4R2. This issue does not affect: Juniper Networks Junos OS 15.1 and 16.2. Una vulnerabilidad de salto de ruta en los dispositivos de las series NFX150 y QFX10K, EX9200, MX y PTX con el Next-Generation Routing Engine (NG-RE), permite a un usuario autenticado local leer archivos confidenciales del sistema. • https://kb.juniper.net/JSA10975 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 7.5EPSS: 0%CPEs: 344EXPL: 0CVE-2019-0043 – Junos OS: RPD process crashes upon receipt of a specific SNMP packet
https://notcve.org/view.php?id=CVE-2019-0043
In MPLS environments, receipt of a specific SNMP packet may cause the routing protocol daemon (RPD) process to crash and restart. By continuously sending a specially crafted SNMP packet, an attacker can repetitively crash the RPD process causing prolonged denial of service. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS : 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D75 on SRX Series; 14.1X53 versions prior to 14.1X53-D48 on EX/QFX series; 15.1 versions prior to 15.1R4-S9, 15.1R7-S2; 15.1F6 versions prior to 15.1F6-S11; 15.1X49 versions prior to 15.1X49-D141, 15.1X49-D144, 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D68 on QFX10K Series; 15.1X53 versions prior to 15.1X53-D471, 15.1X53-D490 on NFX Series; 15.1X53 versions prior to 15.1X53-D590 on EX2300/EX3400 Series; 15.1X54 on ACX Series; 16.1 versions prior to 16.1R3-S10, 16.1R4-S11, 16.1R6-S5, 16.1R7; 16.1X65 versions prior to 16.1X65-D48; 16.2 versions prior to 16.2R2-S6; 17.1 versions prior to 17.1R2-S8, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R3; 17.2X75 versions prior to 17.2X75-D92, 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R1-S4, 17.4R2; 18.1 versions prior to 18.1R1-S1, 18.1R2-S1, 18.1R3; 18.2X75 versions prior to 18.2X75-D10. En entornos MPLS, la recepción de un paquete SNMP específico puede provocar que el proceso rpd (Routing Protocol Daemon) se cierre inesperadamente y se reinicie. • https://kb.juniper.net/JSA10935 • CWE-404: Improper Resource Shutdown or Release •