|
246741
|
6.5 |
MEDIUM
Network
|
juniper
|
junos_space
|
A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. …
|
CWE-269
Improper Privilege Management
|
CVE-2018-0010
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246742
|
8.8 |
HIGH
Adjacent
|
juniper
|
junos
|
QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended co…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2018-0005
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246743
|
6.1 |
MEDIUM
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack against a …
|
CWE-79
Cross-site Scripting
|
CVE-2018-0118
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246744
|
5.9 |
MEDIUM
Network
|
juniper
|
junos
|
On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due to this issue, traffic that should have been blo…
|
NVD-CWE-noinfo
|
CVE-2018-0009
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246745
|
6.2 |
MEDIUM
Physics
|
juniper
|
junos
|
An unauthenticated root login may allow upon reboot when a commit script is used. A commit script allows a device administrator to execute certain instructions during commit, which is configured unde…
|
CWE-287
Improper Authentication
|
CVE-2018-0008
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246746
|
9.8 |
CRITICAL
Network
|
juniper
|
junos
|
An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an impro…
|
CWE-119
CWE-94
CWE-77
Incorrect Access of Indexable Resource ('Range Error')
Code Injection
Command Injection
|
CVE-2018-0007
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246747
|
5.3 |
MEDIUM
Adjacent
|
juniper
|
junos
|
A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead t…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2018-0006
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246748
|
6.5 |
MEDIUM
Network
|
juniper
|
junos
|
A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsy…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-0004
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246749
|
6.5 |
MEDIUM
Adjacent
|
juniper
|
junos
|
A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory. Subsequently, if this stored information is acc…
|
NVD-CWE-noinfo
|
CVE-2018-0003
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246750
|
5.9 |
MEDIUM
Network
|
juniper
|
junos
|
On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-0002
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
