|
255431
|
5.0 |
MEDIUM
Network
|
juniper
|
contrail
|
The ifmap service that comes bundled with Contrail has an XML External Entity (XXE) vulnerability that may allow an attacker to retrieve sensitive system files. Affected releases are Juniper Networks…
|
CWE-611
XXE
|
CVE-2017-10617
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255432
|
5.3 |
MEDIUM
Network
|
juniper
|
contrail
|
The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-10616
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255433
|
7.5 |
HIGH
Network
|
juniper
|
junos
|
A vulnerability in telnetd service on Junos OS allows a remote attacker to cause a limited memory and/or CPU consumption denial of service attack. This issue was found during internal product securit…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-10614
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255434
|
8.0 |
HIGH
Network
|
juniper
|
junos_space
|
A persistent site scripting vulnerability in Juniper Networks Junos Space allows users who can change certain configuration to implant malicious Javascript or HTML which may be used to steal informat…
|
CWE-79
Cross-site Scripting
|
CVE-2017-10612
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255435
|
5.3 |
MEDIUM
Network
|
juniper
|
junos
|
A denial of service vulnerability in telnetd service on Juniper Networks Junos OS allows remote unauthenticated attackers to cause a denial of service. Affected Junos OS releases are: 12.1X46 prior t…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-10621
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255436
|
7.5 |
HIGH
Network
|
juniper
|
junos
|
When Express Path (formerly known as service offloading) is configured on Juniper Networks SRX1400, SRX3400, SRX3600, SRX5400, SRX5600, SRX5800 in high availability cluster configuration mode, certai…
|
NVD-CWE-noinfo
|
CVE-2017-10619
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255437
|
5.9 |
MEDIUM
Network
|
juniper
|
junos
|
When the 'bgp-error-tolerance' feature â€" designed to help mitigate remote session resets from malformed path attributes â€" is enabled, a BGP UPDATE containing a specifically cr…
|
NVD-CWE-noinfo
|
CVE-2017-10618
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255438
|
9.8 |
CRITICAL
Network
|
juniper
|
junos
|
A vulnerability in the pluggable authentication module (PAM) of Juniper Networks Junos OS may allow an unauthenticated network based attacker to potentially execute arbitrary code or crash daemons su…
|
CWE-20
Improper Input Validation
|
CVE-2017-10615
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255439
|
5.5 |
MEDIUM
Local
|
juniper
|
junos
|
A vulnerability in a specific loopback filter action command, processed in a specific logical order of operation, in a running configuration of Juniper Networks Junos OS, allows an attacker with CLI …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-10613
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255440
|
5.9 |
MEDIUM
Network
|
juniper
|
junos
|
If extended statistics are enabled via 'set chassis extended-statistics', when executing any operation that fetches interface statistics, including but not limited to SNMP GET requests, the pfem proc…
|
NVD-CWE-noinfo
|
CVE-2017-10611
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
