CVE-2022-22220 Junos OS and Junos OS Evolved: Due to a race condition the rpd process can crash upon receipt of a BGP update message containing flow spec route

A Time-of-check Time-of-use TOCTOU Race Condition vulnerability in Routing Protocol Daemon rpd of Juniper Networks Junos OS, Junos OS Evolved allows a network-based unauthenticated attacker to cause a Denial of Service DoS. When a BGP flow route with redirect IP extended community is received, an...

CVE-2022-22194

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packetIO daemon of Juniper Networks Junos OS Evolved on PTX10003, PTX10004, and PTX10008 allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. Continued receipt of these crafted packets will...

CVE-2021-0297 Junos OS Evolved: BGP and LDP sessions with TCP MD5 authentication established with peers not configured for authentication

A vulnerability in the processing of TCP MD5 authentication in Juniper Networks Junos OS Evolved may allow a BGP or LDP session configured with MD5 authentication to succeed, even if the peer does not have TCP MD5 authentication enabled. This could lead to untrusted or unauthorized sessions being...

CVE-2021-0286 Junos OS Evolved: Specially crafted packets may cause the AFT manager process to crash and restart

A vulnerability in the handling of exceptional conditions in Juniper Networks Junos OS Evolved EVO allows an attacker to send specially crafted packets to the device, causing the Advanced Forwarding Toolkit manager evo-aftmand-bt or evo-aftmand-zx process to crash and restart, impacting all traff...