|
209041
|
9.8 |
CRITICAL
Network
|
juniper
|
junos
|
The factory configuration for vMX installations, as shipped, includes default credentials for the root account. Without proper modification of these default credentials by the administrator, an attac…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-1615
|
2024-11-21 14:10 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209042
|
10.0 |
CRITICAL
Network
|
juniper
|
junos
|
A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if th…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-1614
|
2024-11-21 14:10 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209043
|
7.5 |
HIGH
Network
|
juniper
|
junos
|
A vulnerability in the BGP FlowSpec implementation may cause a Juniper Networks Junos OS device to terminate an established BGP session upon receiving a specific BGP FlowSpec advertisement. The BGP N…
|
NVD-CWE-noinfo
|
CVE-2020-1613
|
2024-11-21 14:10 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209044
|
6.5 |
MEDIUM
Network
|
juniper
|
junos_space
|
A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets. This issue affects: Juniper Ne…
|
NVD-CWE-noinfo
|
CVE-2020-1611
|
2024-11-21 14:10 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209045
|
8.8 |
HIGH
Adjacent
|
juniper
|
junos
|
When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sendin…
|
CWE-78
OS Command
|
CVE-2020-1609
|
2024-11-21 14:10 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209046
|
7.5 |
HIGH
Network
|
juniper
|
junos
|
Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge (BBE) service may trigger a kernel crash (vmcore), causing the device to re…
|
NVD-CWE-noinfo
|
CVE-2020-1608
|
2024-11-21 14:10 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209047
|
6.1 |
MEDIUM
Network
|
juniper
|
junos
|
Insufficient Cross-Site Scripting (XSS) protection in J-Web may potentially allow a remote attacker to inject web script or HTML, hijack the target user's J-Web session and perform administrative act…
|
CWE-79
Cross-site Scripting
|
CVE-2020-1607
|
2024-11-21 14:10 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209048
|
8.1 |
HIGH
Network
|
juniper
|
junos
|
A path traversal vulnerability in the Juniper Networks Junos OS device may allow an authenticated J-web user to read files with 'world' readable permission and delete files with 'world' writeable per…
|
CWE-22
Path Traversal
|
CVE-2020-1606
|
2024-11-21 14:10 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209049
|
8.8 |
HIGH
Adjacent
|
juniper
|
junos
|
When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sendin…
|
CWE-78
OS Command
|
CVE-2020-1605
|
2024-11-21 14:10 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209050
|
5.3 |
MEDIUM
Network
|
juniper
|
junos
|
On EX4300, EX4600, QFX3500, and QFX5100 Series, a vulnerability in the IP firewall filter component may cause the firewall filter evaluation of certain packets to fail. This issue only affects firewa…
|
NVD-CWE-noinfo
|
CVE-2020-1604
|
2024-11-21 14:10 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
