Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
juniper junos j vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-22246
A PHP Local File Inclusion (LFI) vulnerability in the J-Web component of Juniper Networks Junos OS may allow a low-privileged authenticated malicious user to execute an untrusted PHP file. By chaining this vulnerability with other unspecified vulnerabilities, and by circumventing...
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
Juniper Junos 20.2
Juniper Junos 20.3
Juniper Junos
Juniper Junos 20.4
Juniper Junos 21.1
Juniper Junos 21.2
Juniper Junos 21.3
Juniper Junos 21.4
Juniper Junos 22.1
8.8
CVSSv3
CVE-2021-31372
An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated J-Web malicious user to escalate their privileges to root over the target device. This issue affects: Juniper Networks Junos OS All versions before 18.3R3-S5; 18.4 vers...
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
Juniper Junos 20.2
Juniper Junos 20.3
Juniper Junos 20.4
Juniper Junos 21.1
Juniper Junos 21.2
Juniper Junos
8.8
CVSSv3
CVE-2021-31385
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in J-Web of Juniper Networks Junos OS allows any low-privileged authenticated malicious user to elevate their privileges to root. This issue affects: Juniper Networks Junos O...
Juniper Junos 15.1
Juniper Junos 12.3
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
Juniper Junos 20.2
Juniper Junos 20.3
Juniper Junos 20.4
Juniper Junos 21.1
8.8
CVSSv3
CVE-2021-0269
The improper handling of client-side parameters in J-Web of Juniper Networks Junos OS allows an malicious user to perform a number of different malicious actions against a target device when a user is authenticated to J-Web. An attacker may be able to supersede existing parameter...
Juniper Junos 17.4
Juniper Junos 18.1
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
Juniper Junos 20.2
8.8
CVSSv3
CVE-2021-0275
A Cross-site Scripting (XSS) vulnerability in J-Web on Juniper Networks Junos OS allows an malicious user to target another user's session thereby gaining access to the users session. The other user session must be active for the attack to succeed. Once successful, the attac...
Juniper Junos 12.3
Juniper Junos 15.1
Juniper Junos 12.3x48
Juniper Junos 15.1x49
Juniper Junos 17.1
Juniper Junos 16.1
Juniper Junos 16.2
Juniper Junos 17.2
Juniper Junos 17.3
Juniper Junos 17.4
Juniper Junos 18.1
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
8.8
CVSSv3
CVE-2020-1673
Insufficient Cross-Site Scripting (XSS) protection in Juniper Networks J-Web and web based (HTTP/HTTPS) services allows an unauthenticated malicious user to hijack the target user's HTTP/HTTPS session and perform administrative actions on the Junos device as the targeted use...
Juniper Junos 18.1
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
8.8
CVSSv3
CVE-2019-0047
A persistent Cross-Site Scripting (XSS) vulnerability in Junos OS J-Web interface may allow remote unauthenticated malicious users to perform administrative actions on the Junos device. Successful exploitation requires a Junos administrator to first perform certain diagnostic act...
Juniper Junos 12.1x46
Juniper Junos 12.3
Juniper Junos 12.3x48
Juniper Junos 14.1x53
Juniper Junos 15.1
Juniper Junos 15.1x49
Juniper Junos 15.1x53
Juniper Junos 16.1
Juniper Junos 16.2
Juniper Junos 17.2
Juniper Junos 17.1
Juniper Junos 17.3
Juniper Junos 17.4
Juniper Junos 18.1
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
8.8
CVSSv3
CVE-2019-0062
A session fixation vulnerability in J-Web on Junos OS may allow an malicious user to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device. This issue affects: Juniper Networks Junos OS 12.3...
Juniper Junos 12.3
Juniper Junos 12.3x48
Juniper Junos 14.1x53
Juniper Junos 15.1
Juniper Junos 15.1x49
Juniper Junos 15.1x53
Juniper Junos 16.1
Juniper Junos 16.2
Juniper Junos 17.1
Juniper Junos 17.2
Juniper Junos 17.3
Juniper Junos 17.4
Juniper Junos 18.1
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
8.8
CVSSv3
CVE-2016-1261
J-Web does not validate certain input that may lead to cross-site request forgery (CSRF) issues or cause a denial of J-Web service (DoS).
Juniper Junos 14.1
Juniper Junos 13.3
Juniper Junos 12.1x44
Juniper Junos 14.2
Juniper Junos 12.3
Juniper Junos 13.2x51
Juniper Junos 14.1x53
Juniper Junos 12.3x48
Juniper Junos 12.1x47
Juniper Junos 12.1x46
Juniper Junos 15.1
Juniper Junos 15.1x49
8.1
CVSSv3
CVE-2020-1606
A path traversal vulnerability in the Juniper Networks Junos OS device may allow an authenticated J-web user to read files with 'world' readable permission and delete files with 'world' writeable permission. This issue does not affect system files that can be ...
Juniper Junos 17.1
Juniper Junos 12.3
Juniper Junos 14.1x53
Juniper Junos 16.1
Juniper Junos 16.2
Juniper Junos 15.1
Juniper Junos 17.2
Juniper Junos 17.4
Juniper Junos 18.1
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 12.3x48
Juniper Junos 15.1x49
Juniper Junos 15.1x53
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »