Juniper Srx300
7 CVEs affecting Juniper Srx300. Latest disclosed: 2017-10-13. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-1286 | High | 8.6 | 2016-03-09 | named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via… |
CVE-2017-2342 | High | 8.1 | 2017-07-17 | MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series does not report errors when a secure link can not be established. It… |
CVE-2017-10608 | High | 7.5 | 2017-10-13 | Any Juniper Networks SRX series device with one or more ALGs enabled may experience a flowd crash when traffic is processed by the Sun/MS-RPC ALGs. This vulner… |
CVE-2017-10620 | High | 7.4 | 2017-10-13 | Juniper Networks Junos OS on SRX series devices do not verify the HTTPS server certificate before downloading anti-virus updates. This may allow a man-in-the-m… |
CVE-2016-1285 | Medium | 6.8 | 2016-03-09 | named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote… |
CVE-2017-10606 | Medium | 4.4 | 2017-10-13 | Version 4.40 of the TPM (Trusted Platform Module) firmware on Juniper Networks SRX300 Series has a weakness in generating cryptographic keys that may allow an… |
CVE-2014-9708 | | 2015-03-31 | Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an e… |