Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Juniper Networks — Vulnerabilities & Security Advisories 893

Browse all 893 CVE security advisories affecting Juniper Networks. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Juniper Networks operates as a global provider of networking hardware, software, and services, primarily focusing on enterprise and service provider infrastructure. With 893 recorded Common Vulnerabilities and Exposures, the company’s attack surface reflects the complexity of its extensive product portfolio. Historically, vulnerabilities in its systems have frequently involved remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation errors or improper access controls in management interfaces. Notable incidents include critical flaws in ScreenOS and Junos OS that allowed attackers to bypass authentication or execute arbitrary commands, highlighting risks in legacy and core routing platforms. These issues underscore the necessity for rigorous patch management and secure configuration practices. As a foundational element of global internet infrastructure, the security posture of Juniper Networks directly impacts the stability and integrity of connected networks worldwide, necessitating continuous monitoring and proactive defense strategies.

Top products by Juniper Networks: Junos OS Junos OS Evolved Junos Space NorthStar Controller Application Juniper ATP ScreenOS Paragon Active Assurance Contrail Service Orchestration SRC Series MIST Cloud UI Junos Space Security Director Contrail JSI LWC Session Smart Router SBR Carrier Contrail Insights Apstra CTP OS JunosE Paragon Automation (Pathfinder, Planner, Insights) Security Director Policy Enforcer Juniper Security Director Junos OS on SRX Series Services Gateways chassis cluster Junos Paragon Active Assurance (Formerly Netrounds) Juniper Identity Management Service (JIMS) Junos OS with DHCPv6 enabled 128 Technology Session Smart Router CTPView Contrail Cloud
CVE IDTitleCVSSSeverityPublished
CVE-2019-0019 BGP packets can trigger rpd crash when BGP tracing is enabled. — Junos OSCWE-404 7.5 -2019-04-10
CVE-2019-0028 Junos OS: RPD process crashes due to specific BGP peer restarts condition. — Junos OSCWE-404 7.5 -2019-04-10
CVE-2019-0031 Junos OS: jdhcpd daemon memory consumption Denial of Service when receiving specific IPv6 DHCP packets. — Junos OSCWE-400 6.5 -2019-04-10
CVE-2019-0032 Junos Space Service Now and Service Insight: Organization username and password stored in plaintext in log files. — Service InsightCWE-256 7.8 -2019-04-10
CVE-2019-0033 SRX Series: A remote attacker may cause a high CPU Denial of Service to the device when proxy ARP is configured. — Junos OSCWE-400 7.5 -2019-04-10
CVE-2019-0035 Junos OS: 'set system ports console insecure' allows root password recovery on OAM volumes — Junos OSCWE-501 6.8 -2019-04-10
CVE-2019-0036 Junos OS: Firewall filter terms named "internal-1" and "internal-2" being ignored — Junos OSCWE-284 9.8 -2019-04-10
CVE-2019-0037 Junos OS: jdhcpd crash upon receipt of crafted DHCPv6 solicit message — Junos OS 7.5 -2019-04-10
CVE-2019-0038 SRX Series: Crafted packets destined to fxp0 management interface on SRX340/SRX345 devices can lead to DoS — Junos OSCWE-400 7.5 -2019-04-10
CVE-2019-0039 Junos OS: Login credentials are vulnerable to brute force attacks through the REST API — Junos OSCWE-307 8.1 -2019-04-10
CVE-2019-0040 Junos OS: Specially crafted packets sent to port 111 on any interface triggers responses from the management interface — Junos OSCWE-200 8.2 -2019-04-10
CVE-2019-0001 Junos OS: MX Series: uncontrolled recursion and crash in Broadband Edge subscriber management daemon (bbe-smgd). — Junos OSCWE-674 7.5 -2019-01-15
CVE-2019-0002 Junos OS: EX2300 and EX3400 series: Certain stateless firewall filter rules might not take effect — Junos OSCWE-794 9.8 -2019-01-15
CVE-2019-0003 Junos OS: A flowspec BGP update with a specific term-order causes routing protocol daemon (rpd) process to crash with a core. — Junos OSCWE-617 5.9 -2019-01-15
CVE-2019-0004 Juniper ATP: API and device keys are logged in a world-readable permissions file — Juniper ATPCWE-532 5.5 -2019-01-15
CVE-2019-0006 Junos OS: EX, QFX and MX series: Packet Forwarding Engine manager (FXPC) process crashes due to a crafted HTTP packet in a Virtual Chassis configuration — Junos OSCWE-908 9.8 -2019-01-15
CVE-2019-0007 Junos OS: vMX series: Predictable IP ID sequence numbers vulnerability — Junos OS 10.0 -2019-01-15
CVE-2019-0009 Junos OS: EX2300 and EX3400: High disk I/O operations may disrupt the communication between RE and PFE — Junos OS 5.5 -2019-01-15
CVE-2019-0010 Junos OS: SRX Series: Crafted HTTP traffic may cause UTM to consume all mbufs, leading to Denial of Service — Junos OS 7.5 -2019-01-15
CVE-2019-0011 Junos OS: Kernel crash after processing specific incoming packet to the out of band management interface (CVE-2019-0011) — Junos OS 6.5 -2019-01-15
CVE-2019-0012 Junos OS: rpd crash on VPLS PE upon receipt of specific BGP message — Junos OS 7.5 -2019-01-15
CVE-2019-0013 Junos OS: RPD crash upon receipt of malformed PIM packet — Junos OS 7.5 -2019-01-15
CVE-2019-0014 Junos OS: QFX and PTX Series: FPC process crashes after J-Flow processes a malformed packet — Junos OS 7.5 -2019-01-15
CVE-2019-0015 Junos OS: SRX Series: Deleted dynamic VPN users are allowed to establish VPN connections until reboot — Junos OS 8.2 -2019-01-15
CVE-2019-0016 Junos Space: Authenticated user able to delete devices without delete device privileges — Junos Space 8.1 -2019-01-15
CVE-2019-0017 Junos Space: Unrestricted file upload vulnerability — Junos Space 8.8 -2019-01-15
CVE-2019-0018 Juniper ATP: Persistent Cross-Site Scripting (XSS) vulnerability in file upload menu — Juniper ATP 5.4 -2019-01-15
CVE-2019-0020 Juniper ATP: Hard coded credentials used in Web Collector — Juniper ATPCWE-798 9.8 -2019-01-15
CVE-2019-0021 Juniper ATP: secret CLI inputs are logged to /var/log/syslog in clear text — Juniper ATPCWE-532 5.5 -2019-01-15
CVE-2019-0022 Juniper ATP: Two hard coded credentials sharing the same password give an attacker the ability to take control of any installation of the software. — Juniper ATPCWE-798 9.8 -2019-01-15

This page lists every published CVE security advisory associated with Juniper Networks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.