CVSS: 7.5EPSS: 0%CPEs: 135EXPL: 0CVE-2019-0055 – Junos OS: SRX Series: An attacker may cause flowd to crash by sending certain valid SIP traffic to a device with SIP ALG enabled.
https://notcve.org/view.php?id=CVE-2019-0055
09 Oct 2019 — A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. In this case, the flowd process crashes and generates a core dump while processing SIP ALG traffic. Continued receipt of these valid SIP packets will result in a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D61, 12.... • https://kb.juniper.net/JSA10953 • CWE-130: Improper Handling of Length Parameter Inconsistency •
CVSS: 7.4EPSS: 0%CPEs: 41EXPL: 0CVE-2019-0054 – Junos OS: SRX Series: An attacker may be able to perform Man-in-the-Middle (MitM) attacks during app-id signature updates.
https://notcve.org/view.php?id=CVE-2019-0054
09 Oct 2019 — An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle (MitM) attacks which may compromise the integrity and confidentiality of the device. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D120 on SRX Series devices. No other versions of Junos OS are affected. Una debilidad de Comprobación de Certificado Inapropiada en el cliente de ac... • https://kb.juniper.net/JSA10952 • CWE-295: Improper Certificate Validation CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 6.5EPSS: 0%CPEs: 33EXPL: 0CVE-2019-0038 – SRX Series: Crafted packets destined to fxp0 management interface on SRX340/SRX345 devices can lead to DoS
https://notcve.org/view.php?id=CVE-2019-0038
10 Apr 2019 — Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services gateway may create a denial of service (DoS) condition due to buffer space exhaustion. This issue only affects the SRX340 and SRX345 services gateways. No other products or platforms are affected by this vulnerability. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D160 on SRX340/SRX345; 17.3 on SRX340/SRX345; 17.4 versions prior to 17.4R2-S3, 17.4R3 on SRX340/SRX345; 18.1 versions... • http://www.securityfocus.com/bid/107873 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 164EXPL: 0CVE-2019-0003 – Junos OS: A flowspec BGP update with a specific term-order causes routing protocol daemon (rpd) process to crash with a core.
https://notcve.org/view.php?id=CVE-2019-0003
15 Jan 2019 — When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, a reachable assertion failure occurs, causing the routing protocol daemon (rpd) process to crash with a core file being generated. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D70 on SRX Series; 14.1X53 versions prior to 14.1... • http://www.securityfocus.com/bid/106544 • CWE-617: Reachable Assertion •
CVSS: 5.5EPSS: 0%CPEs: 95EXPL: 0CVE-2019-0015 – Junos OS: SRX Series: Deleted dynamic VPN users are allowed to establish VPN connections until reboot
https://notcve.org/view.php?id=CVE-2019-0015
15 Jan 2019 — A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. A deleted dynamic VPN connection should be immediately disallowed from establishing new VPN connections. Due to an error in token caching, deleted users are allowed to connect once a previously successful dynamic VPN connection has been established. A reboot is required to clear the cached authentication token. Affected releases are Junos OS on SRX Series: 12.... • http://www.securityfocus.com/bid/106668 • CWE-613: Insufficient Session Expiration •
CVSS: 8.8EPSS: 0%CPEs: 295EXPL: 0CVE-2018-0043 – Junos OS: RPD daemon crashes upon receipt of specific MPLS packet
https://notcve.org/view.php?id=CVE-2018-0043
10 Oct 2018 — Receipt of a specific MPLS packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution. By continuously sending specific MPLS packets, an attacker can repeatedly crash the RPD process causing a sustained Denial of Service. This issue affects both IPv4 and IPv6. This issue can only be exploited from within the MPLS domain. End-users connected to the CE device cannot cause this crash. • http://www.securitytracker.com/id/1041847 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 152EXPL: 0CVE-2018-0049 – Junos OS: Receipt of a specifically crafted malicious MPLS packet leads to a Junos kernel crash.
https://notcve.org/view.php?id=CVE-2018-0049
10 Oct 2018 — A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to cause the Junos OS kernel to crash. Continued receipt of this specifically crafted malicious MPLS packet will cause a sustained Denial of Service condition. This issue require it to be received on an interface configured to receive this type of traffic. Affected releases are Juniper Networks Junos OS: 12.1X46 versions above and including 12.1X46-D76 prior to 12.1X46-D81 on SRX100, SRX110, SRX210, SRX220, SRX240m, SRX... • http://www.securityfocus.com/bid/105701 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 205EXPL: 0CVE-2018-0045 – Junos OS: RPD daemon crashes due to receipt of specific Draft-Rosen MVPN control packet in Draft-Rosen MVPN configuration
https://notcve.org/view.php?id=CVE-2018-0045
10 Oct 2018 — Receipt of a specific Draft-Rosen MVPN control packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution. By continuously sending the same specific Draft-Rosen MVPN control packet, an attacker can repeatedly crash the RPD process causing a prolonged denial of service. This issue may occur when the Junos OS device is configured for Draft-Rosen multicast virtual private network (MVPN). The VPN is multicast-enabled and configured to use Protocol Indepe... • http://www.securitytracker.com/id/1041848 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 459EXPL: 2CVE-2018-15504
https://notcve.org/view.php?id=CVE-2018-15504
18 Aug 2018 — An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11. Se ha descubierto un problema en Embedthis GoAhead en versiones anteriores a la 4.0.1 y Appweb anteriores a la 7.0.2. El servidor maneja incorrectamente algunos campos request HTTP asociados con time, lo que resulta en una de... • https://github.com/embedthis/appweb/commit/66067ae6d1fa08b37a270e7dc1821df52ed2daef • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 115EXPL: 0CVE-2018-0024 – Junos OS: A privilege escalation vulnerability exists where authenticated users with shell access can become root
https://notcve.org/view.php?id=CVE-2018-0024
11 Jul 2018 — An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D45 on SRX Series; 12.3X48 versions prior to 12.3X48-D20 on SRX Series; 12.3 versions prior to 12.3R11 on EX Series; 14.1X53 versions prior to 14.1X53-D30 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3... • http://www.securityfocus.com/bid/104718 • CWE-269: Improper Privilege Management •