CVSS: 7.5EPSS: 0%CPEs: 119EXPL: 0CVE-2019-0051 – SRX5000 Series: Denial of Service vulnerability in SSL-Proxy feature.
https://notcve.org/view.php?id=CVE-2019-0051
09 Oct 2019 — SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation which can be exploited by remote SSL/TLS servers to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition. For this issue to occur, clients protected by the SRX device must initiate a connection to the malicious server. This issue affects: Juniper Networks Junos OS on SRX5000 Series: 12.3X48 versions prior to 12.3X48-D85; 15.1X49 versions prior to 15.1X49-D180; 17.3 ve... • https://kb.juniper.net/JSA10973 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 146EXPL: 0CVE-2019-0052 – SRX Series: srxpfe process crash while JSF/UTM module parses specific HTTP packets
https://notcve.org/view.php?id=CVE-2019-0052
11 Jul 2019 — The srxpfe process may crash on SRX Series services gateways when the UTM module processes a specific fragmented HTTP packet. The packet is misinterpreted as a regular TCP packet which causes the processor to crash. This issue affects all SRX Series platforms that support URL-Filtering and have web-filtering enabled. Affected releases are Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D85 on SRX Series; 15.1X49 versions prior to 15.1X49-D181, 15.1X49-D190 on SRX Series; 17.3 versions on SRX Se... • http://www.securityfocus.com/bid/109145 • CWE-404: Improper Resource Shutdown or Release CWE-436: Interpretation Conflict •
CVSS: 7.5EPSS: 0%CPEs: 62EXPL: 0CVE-2019-0044 – Junos OS: SRX5000 series: Kernel crash (vmcore) upon receipt of a specific packet on fxp0 interface
https://notcve.org/view.php?id=CVE-2019-0044
10 Apr 2019 — Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore). By continuously sending a specially crafted packet to the fxp0 interface, an attacker can repetitively crash the rpd process causing prolonged Denial of Service (DoS). Affected releases are Juniper Networks SRX5000 Series: 12.1X46 versions prior to 12.1X46-D82; 12.3X48 versions prior to 12.3X48-D80; 15.1X49 versions prior to 15.1X49-D160. La recepción de un paquete específico en la i... • http://www.securityfocus.com/bid/107872 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.5EPSS: 0%CPEs: 344EXPL: 0CVE-2019-0043 – Junos OS: RPD process crashes upon receipt of a specific SNMP packet
https://notcve.org/view.php?id=CVE-2019-0043
10 Apr 2019 — In MPLS environments, receipt of a specific SNMP packet may cause the routing protocol daemon (RPD) process to crash and restart. By continuously sending a specially crafted SNMP packet, an attacker can repetitively crash the RPD process causing prolonged denial of service. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS : 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior... • https://kb.juniper.net/JSA10935 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2019-0033 – SRX Series: A remote attacker may cause a high CPU Denial of Service to the device when proxy ARP is configured.
https://notcve.org/view.php?id=CVE-2019-0033
10 Apr 2019 — A firewall bypass vulnerability in the proxy ARP service of Juniper Networks Junos OS allows an attacker to cause a high CPU condition leading to a Denial of Service (DoS). This issue affects only IPv4. Affected releases are Juniper Networks Junos OS: 12.1X46 versions above and including 12.1X46-D25 prior to 12.1X46-D71, 12.1X46-D73 on SRX Series; 12.3X48 versions prior to 12.3X48-D50 on SRX Series; 15.1X49 versions prior to 15.1X49-D75 on SRX Series. Una vulnerabilidad de omisión del firewall en el servici... • http://www.securityfocus.com/bid/107882 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 164EXPL: 0CVE-2019-0003 – Junos OS: A flowspec BGP update with a specific term-order causes routing protocol daemon (rpd) process to crash with a core.
https://notcve.org/view.php?id=CVE-2019-0003
15 Jan 2019 — When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, a reachable assertion failure occurs, causing the routing protocol daemon (rpd) process to crash with a core file being generated. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D70 on SRX Series; 14.1X53 versions prior to 14.1... • http://www.securityfocus.com/bid/106544 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 1%CPEs: 78EXPL: 0CVE-2019-0010 – Junos OS: SRX Series: Crafted HTTP traffic may cause UTM to consume all mbufs, leading to Denial of Service
https://notcve.org/view.php?id=CVE-2019-0010
15 Jan 2019 — An SRX Series Service Gateway configured for Unified Threat Management (UTM) may experience a system crash with the error message "mbuf exceed" -- an indication of memory buffer exhaustion -- due to the receipt of crafted HTTP traffic. Each crafted HTTP packet inspected by UTM consumes mbufs which can be identified through the following log messages: all_logs.0:Jun 8 03:25:03 srx1 node0.fpc4 : SPU3 jmpi mbuf stall 50%. all_logs.0:Jun 8 03:25:13 srx1 node0.fpc4 : SPU3 jmpi mbuf stall 51%. all_logs.0:Jun 8 03... • http://www.securityfocus.com/bid/106535 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 95EXPL: 0CVE-2019-0015 – Junos OS: SRX Series: Deleted dynamic VPN users are allowed to establish VPN connections until reboot
https://notcve.org/view.php?id=CVE-2019-0015
15 Jan 2019 — A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. A deleted dynamic VPN connection should be immediately disallowed from establishing new VPN connections. Due to an error in token caching, deleted users are allowed to connect once a previously successful dynamic VPN connection has been established. A reboot is required to clear the cached authentication token. Affected releases are Junos OS on SRX Series: 12.... • http://www.securityfocus.com/bid/106668 • CWE-613: Insufficient Session Expiration •
CVSS: 8.8EPSS: 0%CPEs: 295EXPL: 0CVE-2018-0043 – Junos OS: RPD daemon crashes upon receipt of specific MPLS packet
https://notcve.org/view.php?id=CVE-2018-0043
10 Oct 2018 — Receipt of a specific MPLS packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution. By continuously sending specific MPLS packets, an attacker can repeatedly crash the RPD process causing a sustained Denial of Service. This issue affects both IPv4 and IPv6. This issue can only be exploited from within the MPLS domain. End-users connected to the CE device cannot cause this crash. • http://www.securitytracker.com/id/1041847 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 152EXPL: 0CVE-2018-0049 – Junos OS: Receipt of a specifically crafted malicious MPLS packet leads to a Junos kernel crash.
https://notcve.org/view.php?id=CVE-2018-0049
10 Oct 2018 — A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to cause the Junos OS kernel to crash. Continued receipt of this specifically crafted malicious MPLS packet will cause a sustained Denial of Service condition. This issue require it to be received on an interface configured to receive this type of traffic. Affected releases are Juniper Networks Junos OS: 12.1X46 versions above and including 12.1X46-D76 prior to 12.1X46-D81 on SRX100, SRX110, SRX210, SRX220, SRX240m, SRX... • http://www.securityfocus.com/bid/105701 • CWE-476: NULL Pointer Dereference •