Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
juniper junos 12.3x48 vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2016-1262
Juniper Junos OS prior to 12.1X46-D45, 12.1X47 prior to 12.1X47-D30, 12.1X48 prior to 12.3X48-D20, and 15.1X49 prior to 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote malicious users to cause ...
Juniper Junos 12.3x48
Juniper Junos 12.1x47
Juniper Junos 15.1x49
Juniper Junos
7.5
CVSSv3
CVE-2019-0010
An SRX Series Service Gateway configured for Unified Threat Management (UTM) may experience a system crash with the error message "mbuf exceed" -- an indication of memory buffer exhaustion -- due to the receipt of crafted HTTP traffic. Each crafted HTTP packet inspected...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
1 Article
7.5
CVSSv3
CVE-2019-0044
Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore). By continuously sending a specially crafted packet to the fxp0 interface, an attacker can repetitively crash the rpd process causing prolonged Denial of S...
Juniper Junos 12.3x48
Juniper Junos 12.1x46
Juniper Junos 15.1x49
7.5
CVSSv3
CVE-2017-10605
On all vSRX and SRX Series devices, when the DHCP or DHCP relay is configured, specially crafted packet might cause the flowd process to crash, halting or interrupting traffic from flowing through the device(s). Repeated crashes of the flowd process may constitute an extended den...
Juniper Junos 15.1x49
Juniper Junos 12.1x46
Juniper Junos 12.3x48
5.9
CVSSv3
CVE-2017-10610
On SRX Series devices, a crafted ICMP packet embedded within a NAT64 IPv6 to IPv4 tunnel may cause the flowd process to crash. Repeated crashes of the flowd process constitutes an extended denial of service condition for the SRX Series device. This issue only occurs if NAT64 is c...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
5.3
CVSSv3
CVE-2017-10604
When the device is configured to perform account lockout with a defined period of time, any unauthenticated user attempting to log in as root with an incorrect password can trigger a lockout of the root account. When an SRX Series device is in cluster mode, and a cluster sync or ...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
7.4
CVSSv3
CVE-2017-10620
Juniper Networks Junos OS on SRX series devices do not verify the HTTPS server certificate before downloading anti-virus updates. This may allow a man-in-the-middle malicious user to inject bogus signatures to cause service disruptions or make the device not detect certain types ...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
7.5
CVSSv3
CVE-2021-0261
A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Captive Portal allows an unauthenticated malicious user to cause an extended Denial of Service (DoS) for these services by ...
Juniper Junos 12.3
Juniper Junos 12.3x48
Juniper Junos 15.1x49
8.1
CVSSv3
CVE-2018-0025
When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious acto...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
5.9
CVSSv3
CVE-2018-0009
On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due to this issue, traffic that should have been blocked by other rules is permitted to flow through the device resulting in a firewa...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »