CVSS: 7.2EPSS: 0%CPEs: 152EXPL: 0CVE-2023-28972 – Junos OS: NFX Series: 'set system ports console insecure' allows root password recovery
https://notcve.org/view.php?id=CVE-2023-28972
17 Apr 2023 — An Improper Link Resolution Before File Access vulnerability in console port access of Juniper Networks Junos OS on NFX Series allows an attacker to bypass console access controls. When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as expected. However, the root password can be changed using "set system root-authentication plain-text-password" on NFX Series systems, leading to a possible administrative bypass with physical access to the console. Password recovery, cha... • https://supportportal.juniper.net/JSA70596 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.5EPSS: 0%CPEs: 359EXPL: 0CVE-2021-0289 – Junos OS: User-defined ARP Policer isn't applied on Aggregated Ethernet (AE) interface until firewall process is restarted
https://notcve.org/view.php?id=CVE-2021-0289
15 Jul 2021 — When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer. To review the desired ARP Policers and actual state one can run the command "show inte... • https://kb.juniper.net/JSA11191 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 169EXPL: 1CVE-2021-0253 – Junos OS: NFX Series: Local Command Execution Vulnerability in JDMD Leads to Privilege Escalation
https://notcve.org/view.php?id=CVE-2021-0253
22 Apr 2021 — NFX Series devices using Juniper Networks Junos OS are susceptible to a local command execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process. This issue affects Juniper Networks Junos OS on NFX Series 17.2 version 17.2R1 and later versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S5, 18.4R3-S5; 19.1 versions prior to 19.1R1-S3; 19.2 version 19.1R2 and later versions prior to 19.2R3; 19.3 versions prior to 19.3R3; 19.4 v... • https://github.com/orangecertcc/security-research/security/advisories/GHSA-vrf9-cjcp-rwcr • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 83EXPL: 1CVE-2021-0252 – Junos OS: NFX Series: Local Code Execution Vulnerability in JDMD Leads to Privilege Escalation
https://notcve.org/view.php?id=CVE-2021-0252
22 Apr 2021 — NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process. This issue affects Juniper Networks Junos OS on NFX Series: 18.1 version 18.1R1 and later versions prior to 18.2R3-S5; 18.3 versions prior to 18.3R2-S4, 18.3R3-S3; 18.4 versions prior to 18.4R2-S5, 18.4R3-S4; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S5, 19.2R2. ... • https://github.com/orangecertcc/security-research/security/advisories/GHSA-gr7j-26pv-5v57 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2021-0248 – NFX Series: Hard-coded credentials allow an attacker to take control of any instance through administrative interfaces.
https://notcve.org/view.php?id=CVE-2021-0248
22 Apr 2021 — This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over any instance of an NFX deployment. This issue is only exploitable through administrative interfaces. This issue affects: Juniper Networks Junos OS versions prior to 19.1R1 on NFX Series. No other platforms besides NFX Series devices are affected. • https://kb.juniper.net/JSA11141 • CWE-798: Use of Hard-coded Credentials •
CVSS: 7.5EPSS: 0%CPEs: 155EXPL: 0CVE-2021-0207 – NFX250, NFX350, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series: Certain genuine traffic received by the Junos OS device will be discarded instead of forwarded.
https://notcve.org/view.php?id=CVE-2021-0207
15 Jan 2021 — An improper interpretation conflict of certain data between certain software components within the Juniper Networks Junos OS devices does not allow certain traffic to pass through the device upon receipt from an ingress interface filtering certain specific types of traffic which is then being redirected to an egress interface on a different VLAN. This causes a Denial of Service (DoS) to those clients sending these particular types of traffic. Such traffic being sent by a client may appear genuine, but is no... • https://kb.juniper.net/JSA11097 • CWE-115: Misinterpretation of Input CWE-436: Interpretation Conflict •
CVSS: 7.5EPSS: 0%CPEs: 59EXPL: 0CVE-2021-0206 – Junos OS: NFX Series, SRX Series: PFE may crash upon receipt of specific packet when SSL Proxy is configured.
https://notcve.org/view.php?id=CVE-2021-0206
15 Jan 2021 — A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to send a specific packet causing the packet forwarding engine (PFE) to crash and restart, resulting in a Denial of Service (DoS). By continuously sending these specific packets, an attacker can repeatedly disable the PFE causing a sustained Denial of Service (DoS). This issue only affects Juniper Networks NFX Series, SRX Series platforms when SSL Proxy is configured. This issue affects Juniper Networks Junos OS on NFX ... • https://kb.juniper.net/JSA11096 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 187EXPL: 0CVE-2020-1688 – Junos OS: SRX and NFX Series: Insufficient Web API private key protection
https://notcve.org/view.php?id=CVE-2020-1688
16 Oct 2020 — On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the shell may obtain the Web API service private key that is used to provide encrypted communication between the Juniper device and the authenticator services. Exploitation of this vulnerability may allow an attacker to decrypt the communications between the Juniper device and the authenticator service. This Web API service is used for authentication services such as the Juniper Identity Management Service, used to obta... • https://kb.juniper.net/InfoCenter/index?page=content&id=KB30911 • CWE-320: Key Management Errors CWE-359: Exposure of Private Personal Information to an Unauthorized Actor CWE-522: Insufficiently Protected Credentials •
CVSS: 5.5EPSS: 0%CPEs: 146EXPL: 0CVE-2020-1682 – Junos OS: SRX1500, vSRX, SRX4K, NFX150, NFX250: Denial of service vulnerability executing local CLI command
https://notcve.org/view.php?id=CVE-2020-1682
16 Oct 2020 — An input validation vulnerability exists in Juniper Networks Junos OS, allowing an attacker to crash the srxpfe process, causing a Denial of Service (DoS) through the use of specific maintenance commands. The srxpfe process restarts automatically, but continuous execution of the commands could lead to an extended Denial of Service condition. This issue only affects the SRX1500, SRX4100, SRX4200, NFX150, NFX250, and vSRX-based platforms. No other products or platforms are affected by this vulnerability. This... • https://kb.juniper.net/JSA11079 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2020-1614 – NFX250 Series: Hardcoded credentials in the vSRX VNF instance.
https://notcve.org/view.php?id=CVE-2020-1614
08 Apr 2020 — A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g. SSH) on the VNF, either locally, or through the network. This issue only affects the NFX250 Series vSRX VNF. No other products or platforms are affected. This issue is only applicable to environments where the vSRX VNF root password has not been confi... • https://kb.juniper.net/JSA10997 • CWE-798: Use of Hard-coded Credentials •