|
258931
|
7.5 |
HIGH
Network
|
juniper
|
junos_space
|
Insufficient verification of node certificates in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to make unauthorized modifications to Space database or add nodes. Affect…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2017-10624
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258932
|
8.1 |
HIGH
Network
|
juniper
|
junos_space
|
Lack of authentication and authorization of cluster messages in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to intercept, inject or disrupt Junos Space cluster operati…
|
CWE-287
Improper Authentication
|
CVE-2017-10623
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258933
|
9.8 |
CRITICAL
Network
|
juniper
|
junos_space
|
An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote unauthenticated network based attacker to login as any privileged user. This issu…
|
CWE-287
Improper Authentication
|
CVE-2017-10622
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258934
|
7.4 |
HIGH
Network
|
juniper
|
junos
|
Juniper Networks Junos OS on SRX series devices do not verify the HTTPS server certificate before downloading anti-virus updates. This may allow a man-in-the-middle attacker to inject bogus signature…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-10620
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258935
|
5.0 |
MEDIUM
Network
|
juniper
|
contrail
|
The ifmap service that comes bundled with Contrail has an XML External Entity (XXE) vulnerability that may allow an attacker to retrieve sensitive system files. Affected releases are Juniper Networks…
|
CWE-611
XXE
|
CVE-2017-10617
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258936
|
5.3 |
MEDIUM
Network
|
juniper
|
contrail
|
The ifmap service that comes bundled with Juniper Networks Contrail releases uses hard coded credentials. Affected releases are Contrail releases 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-10616
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258937
|
7.5 |
HIGH
Network
|
juniper
|
junos
|
A vulnerability in telnetd service on Junos OS allows a remote attacker to cause a limited memory and/or CPU consumption denial of service attack. This issue was found during internal product securit…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-10614
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258938
|
8.0 |
HIGH
Network
|
juniper
|
junos_space
|
A persistent site scripting vulnerability in Juniper Networks Junos Space allows users who can change certain configuration to implant malicious Javascript or HTML which may be used to steal informat…
|
CWE-79
Cross-site Scripting
|
CVE-2017-10612
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258939
|
5.3 |
MEDIUM
Network
|
juniper
|
junos
|
A denial of service vulnerability in telnetd service on Juniper Networks Junos OS allows remote unauthenticated attackers to cause a denial of service. Affected Junos OS releases are: 12.1X46 prior t…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-10621
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258940
|
7.5 |
HIGH
Network
|
juniper
|
junos
|
When Express Path (formerly known as service offloading) is configured on Juniper Networks SRX1400, SRX3400, SRX3600, SRX5400, SRX5600, SRX5800 in high availability cluster configuration mode, certai…
|
NVD-CWE-noinfo
|
CVE-2017-10619
|
2024-11-21 12:06 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
