Latest juniper ex4300 Vulnerabilities

CVE-2024-21620
Junos OS: SRX Series and EX Series: J-Web doesn't sufficiently sanitize input to prevent XSS
Juniper Networks Junos OS
Juniper Networks SRX Series
Juniper Networks EX Series
Juniper JUNOS<20.4
Juniper JUNOS=20.4
Juniper JUNOS=20.4-r1
and 190 more
CVE-2024-21619
Junos OS: SRX Series and EX Series: J-Web - unauthenticated access to temporary files containing sensitive information
Juniper Networks Junos OS
Juniper Networks SRX Series
Juniper Networks EX Series
Juniper JUNOS<20.4
Juniper JUNOS=20.4
Juniper JUNOS=20.4-r1
and 197 more
CVE-2023-44191
An Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all Junos OS...
Juniper JUNOS=21.1
Juniper JUNOS=21.1-r1
Juniper JUNOS=21.1-r1-s1
Juniper JUNOS=21.1-r2
Juniper JUNOS=21.1-r2-s1
Juniper JUNOS=21.1-r2-s2
and 86 more
CVE-2023-36851
Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability
Juniper JUNOS<20.4
Juniper JUNOS=20.4
Juniper JUNOS=20.4-r1
Juniper JUNOS=20.4-r1-s1
Juniper JUNOS=20.4-r2
Juniper JUNOS=20.4-r2-s1
and 366 more
CVE-2023-36846
Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability
Juniper JUNOS<20.4
Juniper JUNOS=20.4
Juniper JUNOS=20.4-r1
Juniper JUNOS=20.4-r1-s1
Juniper JUNOS=20.4-r2
Juniper JUNOS=20.4-r2-s1
and 178 more
CVE-2023-36847
Juniper Junos OS EX Series Missing Authentication for Critical Function Vulnerability
Juniper Networks SRX Series firewall
Juniper Networks EX Series switch
Juniper Junos OS
Juniper JUNOS<20.4
Juniper JUNOS=20.4
Juniper JUNOS=20.4-r1
and 177 more
CVE-2023-36844
Juniper Junos OS EX Series PHP External Variable Modification Vulnerability
Juniper Networks SRX Series firewall
Juniper Networks EX Series switch
Juniper Junos OS
Juniper JUNOS<20.4
Juniper JUNOS=20.4
Juniper JUNOS=20.4-r1
and 177 more
CVE-2023-36845
Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability
Juniper JUNOS<20.4
Juniper JUNOS=20.4
Juniper JUNOS=20.4-r1
Juniper JUNOS=20.4-r1-s1
Juniper JUNOS=20.4-r2
Juniper JUNOS=20.4-r2-s1
and 446 more
CVE-2022-22226
In VxLAN scenarios on EX4300-MP, EX4600, QFX5000 Series devices an Uncontrolled Memory Allocation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthentic...
Juniper JUNOS=17.1-r1
Juniper JUNOS=17.1-r1-s7
Juniper JUNOS=17.1-r2
Juniper JUNOS=17.1-r2-s1
Juniper JUNOS=17.1-r2-s10
Juniper JUNOS=17.1-r2-s11
and 268 more
CVE-2022-22221
An Improper Neutralization of Special Elements vulnerability in the download manager of Juniper Networks Junos OS on SRX Series and EX Series allows a locally authenticated attacker with low privilege...
Juniper JUNOS<19.2
Juniper JUNOS=19.2
Juniper JUNOS=19.2-r1
Juniper JUNOS=19.2-r1-s1
Juniper JUNOS=19.2-r1-s2
Juniper JUNOS=19.2-r1-s3
and 194 more
CVE-2022-22191
A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in Juniper Networks Junos OS on the EX4300 switch, sent from the local broadcast domain, may allow an unaut...
Juniper JUNOS<15.1
Juniper JUNOS=15.1
Juniper JUNOS=15.1-a1
Juniper JUNOS=15.1-f
Juniper JUNOS=15.1-f1
Juniper JUNOS=15.1-f2
and 203 more
CVE-2021-31365
An Uncontrolled Resource Consumption vulnerability in Juniper Networks Junos OS on EX2300, EX3400 and EX4300 Series platforms allows an adjacent attacker sending a stream of layer 2 frames will trigge...
Juniper JUNOS<18.1
Juniper JUNOS=18.1
Juniper JUNOS=18.1-r
Juniper JUNOS=18.1-r1
Juniper JUNOS=18.1-r2
Juniper JUNOS=18.1-r2-s1
and 334 more
CVE-2021-0289
When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Co...
Juniper JUNOS>=5.7<15.1
Juniper JUNOS>=15.2<18.4
Juniper JUNOS=5.6-r1
Juniper JUNOS=18.4
Juniper JUNOS=18.4-r1
Juniper JUNOS=18.4-r1-s1
and 296 more
CVE-2021-0285
An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large amounts of legitimate traffic destined to ...
Juniper JUNOS=15.1
Juniper JUNOS=15.1-a1
Juniper JUNOS=15.1-f
Juniper JUNOS=15.1-f1
Juniper JUNOS=15.1-f2
Juniper JUNOS=15.1-f2-s1
and 249 more
CVE-2021-0275
A Cross-site Scripting (XSS) vulnerability in J-Web on Juniper Networks Junos OS allows an attacker to target another user's session thereby gaining access to the users session. The other user session...
Juniper JUNOS=12.3
Juniper JUNOS=12.3-r1
Juniper JUNOS=12.3-r10
Juniper JUNOS=12.3-r10-s1
Juniper JUNOS=12.3-r10-s2
Juniper JUNOS=12.3-r11
and 313 more
CVE-2021-0261
A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Captive Portal allows an unauthenticated at...
Juniper JUNOS=12.3
Juniper JUNOS=12.3-r1
Juniper JUNOS=12.3-r10
Juniper JUNOS=12.3-r10-s1
Juniper JUNOS=12.3-r10-s2
Juniper JUNOS=12.3-r11
and 318 more
CVE-2021-0243
Improper Handling of Unexpected Data in the firewall policer of Juniper Networks Junos OS on EX4300 switches allows matching traffic to exceed set policer limits, possibly leading to a limited Denial ...
Juniper JUNOS=17.3
Juniper JUNOS=17.3-r1
Juniper JUNOS=17.3-r1-s1
Juniper JUNOS=17.3-r1-s4
Juniper JUNOS=17.3-r2
Juniper JUNOS=17.3-r2-s1
and 166 more
CVE-2021-0244
A signal handler race condition exists in the Layer 2 Address Learning Daemon (L2ALD) of Juniper Networks Junos OS due to the absence of a specific protection mechanism to avoid a race condition which...
Juniper JUNOS=14.1x53
Juniper JUNOS=14.1x53-d10
Juniper JUNOS=14.1x53-d15
Juniper JUNOS=14.1x53-d16
Juniper JUNOS=14.1x53-d20
Juniper JUNOS=14.1x53-d25
and 262 more
CVE-2021-0242
A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300 switches on Juniper Networks Junos OS allows an attacker sending specific unicast frames to trigger a Denia...
Juniper JUNOS=17.3
Juniper JUNOS=17.3-r1
Juniper JUNOS=17.3-r1-s1
Juniper JUNOS=17.3-r1-s4
Juniper JUNOS=17.3-r2
Juniper JUNOS=17.3-r2-s1
and 175 more
CVE-2021-0211
An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon (RPD) service allows an attacker to send a valid BGP FlowSpec message ...
Juniper JUNOS=17.3
Juniper JUNOS=17.3-r1-s1
Juniper JUNOS=17.3-r2
Juniper JUNOS=17.3-r2-s1
Juniper JUNOS=17.3-r2-s2
Juniper JUNOS=17.3-r2-s3
and 330 more
CVE-2021-0217
A vulnerability in processing of certain DHCP packets from adjacent clients on EX Series and QFX Series switches running Juniper Networks Junos OS with DHCP local/relay server configured may lead to e...
Juniper JUNOS=17.4-r3
Juniper JUNOS=17.4-r3-s1
Juniper JUNOS=17.4-r3-s2
Juniper JUNOS=18.1-r3-s10
Juniper JUNOS=18.1-r3-s7
Juniper JUNOS=18.1-r3-s8
and 67 more
CVE-2021-0222
A vulnerability in Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending certain crafted protocol packets from an adjacent device with invalid payloa...
Juniper JUNOS=14.1x53
Juniper JUNOS=14.1x53-d10
Juniper JUNOS=14.1x53-d15
Juniper JUNOS=14.1x53-d16
Juniper JUNOS=14.1x53-d25
Juniper JUNOS=14.1x53-d26
and 215 more
CVE-2021-0207
An improper interpretation conflict of certain data between certain software components within the Juniper Networks Junos OS devices does not allow certain traffic to pass through the device upon rece...
Juniper JUNOS=17.3
Juniper JUNOS=17.3-r1-s1
Juniper JUNOS=17.3-r2
Juniper JUNOS=17.3-r2-s1
Juniper JUNOS=17.3-r2-s2
Juniper JUNOS=17.3-r2-s3
and 117 more
CVE-2020-1670
On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine (RE) high CPU load, which could lead to network protocol operation issue and traffic interrupti...
Juniper JUNOS=17.3
Juniper JUNOS=17.3-r1-s1
Juniper JUNOS=17.3-r2
Juniper JUNOS=17.3-r2-s1
Juniper JUNOS=17.3-r2-s2
Juniper JUNOS=17.3-r2-s3
and 115 more
CVE-2020-1628
Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an EX4300 switch, leak...
Juniper JUNOS=14.1x53
Juniper JUNOS=14.1x53-d10
Juniper JUNOS=14.1x53-d15
Juniper JUNOS=14.1x53-d16
Juniper JUNOS=14.1x53-d25
Juniper JUNOS=14.1x53-d26
and 216 more
CVE-2020-1618
On Juniper Networks EX and QFX Series, an authentication bypass vulnerability may allow a user connected to the console port to login as root without any password. This issue might only occur in certa...
Juniper JUNOS=14.1x53
Juniper JUNOS=14.1x53-d10
Juniper JUNOS=14.1x53-d15
Juniper JUNOS=14.1x53-d16
Juniper JUNOS=14.1x53-d25
Juniper JUNOS=14.1x53-d26
and 212 more
CVE-2020-1613
A vulnerability in the BGP FlowSpec implementation may cause a Juniper Networks Junos OS device to terminate an established BGP session upon receiving a specific BGP FlowSpec advertisement. The BGP NO...
Juniper JUNOS=12.3
Juniper JUNOS=15.1
Juniper JUNOS=15.1-f
Juniper JUNOS=15.1-f1
Juniper JUNOS=15.1-f2
Juniper JUNOS=15.1-f2-s1
and 241 more
CVE-2020-1604
On EX4300, EX4600, QFX3500, and QFX5100 Series, a vulnerability in the IP firewall filter component may cause the firewall filter evaluation of certain packets to fail. This issue only affects firewal...
Juniper JUNOS=14.1x53
Juniper JUNOS=14.1x53-d10
Juniper EX4600
Juniper Qfx5100
Juniper Qfx5110
Juniper Qfx5120
and 85 more
CVE-2020-1607
Insufficient Cross-Site Scripting (XSS) protection in J-Web may potentially allow a remote attacker to inject web script or HTML, hijack the target user's J-Web session and perform administrative acti...
Juniper JUNOS=12.3
Juniper JUNOS=12.3-r1
Juniper JUNOS=12.3-r11
Juniper JUNOS=12.3-r12
Juniper JUNOS=12.3-r12-s1
Juniper JUNOS=12.3-r12-s10
and 242 more
CVE-2019-0062
A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrativ...
Juniper JUNOS=12.3
Juniper JUNOS=12.3-r1
Juniper JUNOS=12.3-r11
Juniper JUNOS=12.3-r12
Juniper JUNOS=12.3-r12-s13
Juniper JUNOS=12.3-r12-s14
and 233 more
CVE-2019-0043
In MPLS environments, receipt of a specific SNMP packet may cause the routing protocol daemon (RPD) process to crash and restart. By continuously sending a specially crafted SNMP packet, an attacker c...
Juniper JUNOS=12.1x46
Juniper JUNOS=12.1x46-d10
Juniper JUNOS=12.1x46-d15
Juniper JUNOS=12.1x46-d20
Juniper JUNOS=12.1x46-d25
Juniper JUNOS=12.1x46-d30
and 215 more
CVE-2019-0008
A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices....
Juniper JUNOS>=15.1x53<15.1x53-d235
Juniper JUNOS>=17.1<17.1r3
Juniper JUNOS>=17.2<17.2r3
Juniper JUNOS>=17.3<17.3r3-s2
Juniper JUNOS>=17.4<17.4r2-s1
Juniper JUNOS>=18.1<18.1r3-s1
and 17 more
CVE-2019-0006
A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Cha...
Juniper JUNOS=14.1x53
Juniper JUNOS=14.1x53-d10
Juniper JUNOS=14.1x53-d15
Juniper JUNOS=14.1x53-d16
Juniper JUNOS=14.1x53-d25
Juniper JUNOS=14.1x53-d26
and 50 more
CVE-2019-0003
When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, a reachable assertion failure occurs, ca...
Juniper JUNOS=12.1x46
Juniper JUNOS=12.1x46-d10
Juniper JUNOS=12.1x46-d15
Juniper JUNOS=12.1x46-d20
Juniper JUNOS=12.1x46-d25
Juniper JUNOS=12.1x46-d30
and 118 more
CVE-2018-0060
An improper input validation weakness in the device control daemon process (dcd) of Juniper Networks Junos OS allows an attacker to cause a Denial of Service to the dcd process and interfaces and conn...
Juniper JUNOS=12.1x46
Juniper JUNOS=12.1x46-d10
Juniper JUNOS=12.1x46-d15
Juniper JUNOS=12.1x46-d20
Juniper JUNOS=12.1x46-d25
Juniper JUNOS=12.1x46-d30
and 72 more
CVE-2018-0049
A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to cause the Junos OS kernel to crash. Continued receipt of this specifically crafted malicious MPLS packet wil...
Juniper JUNOS=12.1x46-d76
Juniper JUNOS=12.1x46-d77
Juniper JUNOS=12.3x48-d66
Juniper JUNOS=12.3x48-d70
Juniper Srx100
Juniper Srx110
and 132 more
CVE-2018-0043
Receipt of a specific MPLS packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution. By continuously sending specific MPLS packets, an attac...
Juniper JUNOS=12.1x46
Juniper JUNOS=12.1x46-d10
Juniper JUNOS=12.1x46-d15
Juniper JUNOS=12.1x46-d20
Juniper JUNOS=12.1x46-d25
Juniper JUNOS=12.1x46-d30
and 164 more
CVE-2018-15504
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as ...
Embedthis Appweb<7.0.2
Embedthis GoAhead<4.0.1
Juniper JUNOS=12.1x46
Juniper JUNOS=12.1x46-d10
Juniper JUNOS=12.1x46-d15
Juniper JUNOS=12.1x46-d20
and 426 more
CVE-2018-0024
An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system. Affected releases are J...
Juniper JUNOS=12.1x46
Juniper JUNOS=12.1x46-d10
Juniper JUNOS=12.1x46-d15
Juniper JUNOS=12.1x46-d20
Juniper JUNOS=12.1x46-d25
Juniper JUNOS=12.1x46-d30
and 66 more
CVE-2018-0034
A Denial of Service vulnerability exists in the Juniper Networks Junos OS JDHCPD daemon which allows an attacker to core the JDHCPD daemon by sending a crafted IPv6 packet to the system. This issue is...
Juniper JUNOS=12.3
Juniper JUNOS=12.3-r1
Juniper JUNOS=12.3-r10
Juniper JUNOS=12.3-r11
Juniper JUNOS=12.3-r12
Juniper JUNOS=12.3-r2
and 179 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203