Lista CVE 2019/0xxx

CVE nel gruppo: 0xxx

CVE-2019-0021 (N/A)

CVE-2019-0022 (Juniper ATP: secret CLI inputs are logged to /var/log/syslog in clear text)

CVE-2019-0023 (Juniper ATP: Two hard coded credentials sharing the same password give an attacker the ability to take control of any installation of the software.)

CVE-2019-0024 (Juniper ATP: Persistent Cross-Site Scripting vulnerability in the Golden VM menu)

CVE-2019-0025 (Juniper ATP: Persistent Cross-Site Scripting vulnerability in the Email Collectors menu)

CVE-2019-0026 (Juniper ATP: Persistent Cross-Site Scripting vulnerability in RADIUS configuration menu)

CVE-2019-0027 (Juniper ATP: Persistent Cross-Site Scripting vulnerability in Zone configuration)

CVE-2019-0028 (Juniper ATP: Persistent Cross-Site Scripting vulnerability in Snort Rules configuration)

CVE-2019-0029 (Junos OS: RPD process crashes due to specific BGP peer restarts condition.)

CVE-2019-0030 (Juniper ATP: Splunk credentials are in logged in clear text)

CVE-2019-0031 (Juniper ATP: Password hashing uses DES and a hardcoded salt)

CVE-2019-0032 (Junos OS: jdhcpd daemon memory consumption Denial of Service when receiving specific IPv6 DHCP packets.)

CVE-2019-0033 (Junos Space Service Now and Service Insight: Organization username and password stored in plaintext in log files.)

CVE-2019-0034 (SRX Series: A remote attacker may cause a high CPU Denial of Service to the device when proxy ARP is configured.)

CVE-2019-0035 (N/A)

CVE-2019-0036 (Junos OS: ‘set system ports console insecure’ allows root password recovery on OAM volumes)

CVE-2019-0037 (Junos OS: Firewall filter terms named “internal-1” and “internal-2” being ignored)

CVE-2019-0038 (Junos OS: jdhcpd crash upon receipt of crafted DHCPv6 solicit message)

CVE-2019-0039 (SRX Series: Crafted packets destined to fxp0 management interface on SRX340/SRX345 devices can lead to DoS)

CVE-2019-0040 (Junos OS: Login credentials are vulnerable to brute force attacks through the REST API)

CVE-2019-0041 (Junos OS: Specially crafted packets sent to port 111 on any interface triggers responses from the management interface)

CVE-2019-0042 (Junos OS: EX4300-MP Series: IP transit traffic can reach the control plane via loopback interface.)

CVE-2019-0043 (Incorrect messages from Juniper Identity Management Service (JIMS) can trigger Denial of Service or firewall bypass conditions for SRX series devices)

CVE-2019-0044 (Junos OS: RPD process crashes upon receipt of a specific SNMP packet)

CVE-2019-0046 (Junos OS: SRX5000 series: Kernel crash (vmcore) upon receipt of a specific packet on fxp0 interface)

CVE-2019-0047 (Junos OS: EX4300 Series: Denial of Service upon receipt of large number of specific valid packets on management interface.)

CVE-2019-0048 (Junos OS: Persistent XSS vulnerability in J-Web)

CVE-2019-0049 (EX4300 Series: When a firewall filter is applied to a loopback interface, other firewall filters for multicast traffic may fail)

CVE-2019-0050 (Junos OS: RPD process crashes when BGP peer restarts)

CVE-2019-0051 (Junos OS: SRX1500: Denial of service due to crash of srxpfe process under heavy traffic conditions.)

CVE-2019-0052 (SRX5000 Series: Denial of Service vulnerability in SSL-Proxy feature.)

CVE-2019-0053 (SRX Series: srxpfe process crash while JSF/UTM module parses specific HTTP packets)

CVE-2019-0054 (Junos OS: Insufficient validation of environment variables in telnet client may lead to stack-based buffer overflow)

CVE-2019-0055 (Junos OS: SRX Series: An attacker may be able to perform Man-in-the-Middle (MitM) attacks during app-id signature updates.)

CVE-2019-0056 (Junos OS: SRX Series: An attacker may cause flowd to crash by sending certain valid SIP traffic to a device with SIP ALG enabled.)

CVE-2019-0057 (Junos OS: MX Series: An MPC10 Denial of Service (DoS) due to OSPF states transitioning to Down, causes traffic to stop forwarding through the device.)

CVE-2019-0058 (NFX Series: An attacker may be able to take control of the JDM application and subsequently the entire system.)

CVE-2019-0059 (Junos OS: SRX Series: A weakness in the Veriexec subsystem may allow privilege escalation.)

CVE-2019-0060 (Junos OS: The routing protocol process (rpd) may crash and generate core files upon receipt of specific valid BGP states from a peered host.)

CVE-2019-0061 (Junos OS: SRX Series: flowd process crash due to processing of specific transit IP packets)