Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
juniper junos 12.3x48 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-1262
Juniper Junos OS prior to 12.1X46-D45, 12.1X47 prior to 12.1X47-D30, 12.1X48 prior to 12.3X48-D20, and 15.1X49 prior to 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote malicious users to cause ...
Juniper Junos 12.3x48
Juniper Junos 12.1x47
Juniper Junos 15.1x49
Juniper Junos
5
CVSSv2
CVE-2019-0010
An SRX Series Service Gateway configured for Unified Threat Management (UTM) may experience a system crash with the error message "mbuf exceed" -- an indication of memory buffer exhaustion -- due to the receipt of crafted HTTP traffic. Each crafted HTTP packet inspected...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
1 Article
5
CVSSv2
CVE-2017-10604
When the device is configured to perform account lockout with a defined period of time, any unauthenticated user attempting to log in as root with an incorrect password can trigger a lockout of the root account. When an SRX Series device is in cluster mode, and a cluster sync or ...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
5
CVSSv2
CVE-2017-10605
On all vSRX and SRX Series devices, when the DHCP or DHCP relay is configured, specially crafted packet might cause the flowd process to crash, halting or interrupting traffic from flowing through the device(s). Repeated crashes of the flowd process may constitute an extended den...
Juniper Junos 15.1x49
Juniper Junos 12.1x46
Juniper Junos 12.3x48
5.8
CVSSv2
CVE-2017-10620
Juniper Networks Junos OS on SRX series devices do not verify the HTTPS server certificate before downloading anti-virus updates. This may allow a man-in-the-middle malicious user to inject bogus signatures to cause service disruptions or make the device not detect certain types ...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
4.3
CVSSv2
CVE-2018-0009
On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due to this issue, traffic that should have been blocked by other rules is permitted to flow through the device resulting in a firewa...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
7.2
CVSSv2
CVE-2015-3007
The Juniper SRX Series services gateways with Junos OS 12.1X46 prior to 12.1X46-D35, 12.1X47 prior to 12.1X47-D25, and 12.3X48 prior to 12.3X48-D15 do not properly implement the "set system ports console insecure" feature, which allows physically proximate malicious use...
Juniper Junos 12.1x46
Juniper Junos 12.1x47
Juniper Junos 12.3x48
4.3
CVSSv2
CVE-2017-10610
On SRX Series devices, a crafted ICMP packet embedded within a NAT64 IPv6 to IPv4 tunnel may cause the flowd process to crash. Repeated crashes of the flowd process constitutes an extended denial of service condition for the SRX Series device. This issue only occurs if NAT64 is c...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
5
CVSSv2
CVE-2021-0261
A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Captive Portal allows an unauthenticated malicious user to cause an extended Denial of Service (DoS) for these services by ...
Juniper Junos 12.3
Juniper Junos 12.3x48
Juniper Junos 15.1x49
5
CVSSv2
CVE-2019-0044
Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore). By continuously sending a specially crafted packet to the fxp0 interface, an attacker can repetitively crash the rpd process causing prolonged Denial of S...
Juniper Junos 12.3x48
Juniper Junos 12.1x46
Juniper Junos 15.1x49
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »