|
249851
|
7.8 |
HIGH
Local
|
juniper
|
junos_space
|
Junos Space is affected by a privilege escalation vulnerability that may allow a local authenticated attacker to gain root privileges.
|
NVD-CWE-noinfo
|
CVE-2018-0012
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249852
|
5.4 |
MEDIUM
Network
|
juniper
|
junos_space
|
A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a sess…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0011
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249853
|
6.5 |
MEDIUM
Network
|
juniper
|
junos_space
|
A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. …
|
CWE-269
Improper Privilege Management
|
CVE-2018-0010
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249854
|
8.8 |
HIGH
Adjacent
|
juniper
|
junos
|
QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended co…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2018-0005
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249855
|
6.1 |
MEDIUM
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack against a …
|
CWE-79
Cross-site Scripting
|
CVE-2018-0118
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249856
|
5.9 |
MEDIUM
Network
|
juniper
|
junos
|
On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due to this issue, traffic that should have been blo…
|
NVD-CWE-noinfo
|
CVE-2018-0009
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249857
|
6.2 |
MEDIUM
Physics
|
juniper
|
junos
|
An unauthenticated root login may allow upon reboot when a commit script is used. A commit script allows a device administrator to execute certain instructions during commit, which is configured unde…
|
CWE-287
Improper Authentication
|
CVE-2018-0008
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249858
|
9.8 |
CRITICAL
Network
|
juniper
|
junos
|
An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an impro…
|
CWE-119
CWE-94
CWE-77
Incorrect Access of Indexable Resource ('Range Error')
Code Injection
Command Injection
|
CVE-2018-0007
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249859
|
5.3 |
MEDIUM
Adjacent
|
juniper
|
junos
|
A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead t…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2018-0006
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249860
|
6.5 |
MEDIUM
Network
|
juniper
|
junos
|
A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsy…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-0004
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
