CVE-2024-39544 Junos OS Evolved: Low privileged local user able to view NETCONF traceoptions files

An Incorrect Default Permissions vulnerability in the command line interface CLI of Juniper Networks Junos OS Evolved allows a low privileged local attacker to view NETCONF traceoptions files, representing an exposure of sensitive information. On all Junos OS Evolved platforms, when NETCONF...

CVE-2024-39523 Junos OS Evolved: CLI parameter processing issue allows privilege escalation

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

CVE-2024-39523

CVE-2024-39523 is a local, authenticated-then-privilege-escalation issue in Juniper Networks Junos OS Evolved CLI handling of command options. A crafted parameter set can escalate to root on the shell, resulting in full compromise. Affected: Junos OS Evolved versions before 20.4R3-S7-EVO; 21.2-EV...

CVE-2024-39520 Junos OS Evolved: CLI parameter processing issue allows privilege escalation

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

Juniper Networks Junos OS Evolved Security Vulnerability

Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS. A security vulnerability exists in Juniper Networks Junos OS Evolved that stems from a specific element neutralization issue that allows a local authenticated attacker with low privileges to escalate their...

CVE-2024-30384

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on EX4300 Series allows a locally authenticated attacker with low privileges to cause a Denial-of-Service Dos. If a specific CLI command is issued, a PFE crash wi...

CVE-2024-30397 Junos OS: An invalid certificate causes a Denial of Service in the Internet Key Exchange (IKE) process

An Improper Check for Unusual or Exceptional Conditions vulnerability in the the Public Key Infrastructure daemon pkid of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service DoS. The pkid is responsible for the certificate verification. Upon a failed...

CVE-2024-30384 Junos OS: EX4300 Series: If a specific CLI command is issued PFE crashes will occur

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on EX4300 Series allows a locally authenticated attacker with low privileges to cause a Denial-of-Service Dos. If a specific CLI command is issued, a PFE crash wi...

CVE-2024-30384

CVE-2024-30384 concerns Juniper Networks Junos OS on the EX4300 Series. The issue is an improper check for unusual or exceptional conditions in the Packet Forwarding Engine (PFE) that lets a locally authenticated user with low privileges trigger a PFE crash by issuing a specific CLI command. The ...

CVE-2024-30410

An Incorrect Behavior Order in the routing engine RE of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard term is set in loopback lo0 interface. The intended function is that the lo0 firewall filter takes...

CVE-2024-30388 Junos OS: QFX5000 Series and EX Series: Specific malformed LACP packets will cause flaps

An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. If a specific malformed LACP packet is received by a QFX5000...

CVE-2024-21610

Summary (CVE-2024-21610) : A vulnerability in Juniper Networks Junos OS cosd (Class of Service daemon) on MX Series allows an authenticated, low-privileged attacker to cause a limited DoS by handling specific low-privileged commands (via NETCONF, SSH, or Telnet) on behalf of mgd; mgd processes ca...

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS contains a security vulnerability that originates from a security fla...

Juniper Networks Junos OS Cross-Site Scripting Vulnerability

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS that originates from a vulnerability that could...

CVE-2024-21603

An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Network Junos OS on MX Series allows a network based attacker with low privileges to cause a denial of service. If a scaled configuration for Source class usage SCU / destination class usage DCU more th...

CVE-2024-21604 Junos OS Evolved: A high rate of specific traffic will cause a complete system outage

An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. If a high rate of specific valid packets are processed by the routing engine RE this will le...

CVE-2024-21600 Junos OS: PTX Series: In an FTI scenario MPLS packets hitting reject next-hop will cause a host path wedge condition

An Improper Neutralization of Equivalent Special Elements vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on PTX Series allows a unauthenticated, adjacent attacker to cause a Denial of Service DoS. When MPLS packets are meant to be sent to a flexible tunnel interfac...

CVE-2024-21587 Junos OS: MX Series: Memory leak in bbe-smgd process if BFD liveness detection for DHCP subscribers is enabled

An Improper Handling of Exceptional Conditions vulnerability in the broadband edge subscriber management daemon bbe-smgd of Juniper Networks Junos OS on MX Series allows an attacker directly connected to the vulnerable system who repeatedly flaps DHCP subscriber sessions to cause a slow memory...

CVE-2023-44194 Junos OS: An unauthenticated attacker with local access to the device can create a backdoor with root privileges

An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS allows an unauthenticated attacker with local access to the device to create a backdoor with root privileges. The issue is caused by improper directory permissions on a certain system directory, allowing an attacker with...

CVE-2023-28966

An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS Evolved allows a low-privileged local attacker with shell access to modify existing files or execute commands as root. The issue is caused by improper file and directory permissions on certain system files, allowing an...