Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
juniper junos 12.3x48 vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2016-1262
Juniper Junos OS prior to 12.1X46-D45, 12.1X47 prior to 12.1X47-D30, 12.1X48 prior to 12.3X48-D20, and 15.1X49 prior to 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote malicious users to cause ...
Juniper Junos 12.3x48
Juniper Junos 12.1x47
Juniper Junos 15.1x49
Juniper Junos
5.9
CVSSv3
CVE-2018-0018
On SRX Series devices during compilation of IDP policies, an attacker sending specially crafted packets may be able to bypass firewall rules, leading to information disclosure which an attacker may use to gain control of the target device or other internal devices, systems or ser...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
8.1
CVSSv3
CVE-2018-0025
When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious acto...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
7.5
CVSSv3
CVE-2019-0010
An SRX Series Service Gateway configured for Unified Threat Management (UTM) may experience a system crash with the error message "mbuf exceed" -- an indication of memory buffer exhaustion -- due to the receipt of crafted HTTP traffic. Each crafted HTTP packet inspected...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
1 Article
NA
CVE-2015-3007
The Juniper SRX Series services gateways with Junos OS 12.1X46 prior to 12.1X46-D35, 12.1X47 prior to 12.1X47-D25, and 12.3X48 prior to 12.3X48-D15 do not properly implement the "set system ports console insecure" feature, which allows physically proximate malicious use...
Juniper Junos 12.1x46
Juniper Junos 12.1x47
Juniper Junos 12.3x48
7.5
CVSSv3
CVE-2021-0261
A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Captive Portal allows an unauthenticated malicious user to cause an extended Denial of Service (DoS) for these services by ...
Juniper Junos 12.3
Juniper Junos 12.3x48
Juniper Junos 15.1x49
5.3
CVSSv3
CVE-2017-10604
When the device is configured to perform account lockout with a defined period of time, any unauthenticated user attempting to log in as root with an incorrect password can trigger a lockout of the root account. When an SRX Series device is in cluster mode, and a cluster sync or ...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
7.5
CVSSv3
CVE-2017-10605
On all vSRX and SRX Series devices, when the DHCP or DHCP relay is configured, specially crafted packet might cause the flowd process to crash, halting or interrupting traffic from flowing through the device(s). Repeated crashes of the flowd process may constitute an extended den...
Juniper Junos 15.1x49
Juniper Junos 12.1x46
Juniper Junos 12.3x48
5.9
CVSSv3
CVE-2017-10610
On SRX Series devices, a crafted ICMP packet embedded within a NAT64 IPv6 to IPv4 tunnel may cause the flowd process to crash. Repeated crashes of the flowd process constitutes an extended denial of service condition for the SRX Series device. This issue only occurs if NAT64 is c...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
7.4
CVSSv3
CVE-2017-10620
Juniper Networks Junos OS on SRX series devices do not verify the HTTPS server certificate before downloading anti-virus updates. This may allow a man-in-the-middle malicious user to inject bogus signatures to cause service disruptions or make the device not detect certain types ...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »