Juniper Networks Junos OS 访问控制错误漏洞

Juniper Networks Junos OS is a Juniper Networks, Inc. network operating system dedicated to the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. An Access Control Error vulnerability exists in Juniper Networks Junos OS on EX4600 Series and QFX5000 Seri...

CVE-2024-47493 Junos OS: MX Series: Trio-based FPCs: Continuous physical Interface flaps causes local FPC to crash

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine PFE of the Juniper Networks Junos OS on the MX Series platforms with Trio-based FPCs allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. In case of channelized Modular...

CVE-2024-39544 Junos OS Evolved: Low privileged local user able to view NETCONF traceoptions files

An Incorrect Default Permissions vulnerability in the command line interface CLI of Juniper Networks Junos OS Evolved allows a low privileged local attacker to view NETCONF traceoptions files, representing an exposure of sensitive information. On all Junos OS Evolved platforms, when NETCONF...

CVE-2024-39550

A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of Juniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause which can be done by repeated port flaps to cause a slow memory leak, ultimate...

CVE-2024-39546 Junos OS Evolved: Local low-privilege user can gain root permissions leading to privilege escalation

A Missing Authorization vulnerability in the Socket Intercept SI command file interface of Juniper Networks Junos OS Evolved allows an authenticated, low-privilege local attacker to modify certain files, allowing the attacker to cause any command to execute with root privileges leading to privile...

CVE-2024-39529 Junos OS: SRX Series: If DNS traceoptions are configured in a DGA or tunnel detection scenario specific DNS traffic leads to a PFE crash

A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. If DNS Domain Generation Algorithm DGA detection or tunnel detection, and...

PT-2024-28521 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos OS on MX Series versions prior to 21.2R3-S6 Junos OS on MX Series version 21.4 prior to 21.4R3-S6 Junos OS on MX Series version 22.1 prior to 22.1R3-S5 Junos OS on MX Series version 22.2 prior to 22.2R3-S3 Junos OS on MX Series version...

CVE-2024-30397 Junos OS: An invalid certificate causes a Denial of Service in the Internet Key Exchange (IKE) process

An Improper Check for Unusual or Exceptional Conditions vulnerability in the the Public Key Infrastructure daemon pkid of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service DoS. The pkid is responsible for the certificate verification. Upon a failed...

CVE-2024-21610

Summary (CVE-2024-21610) : A vulnerability in Juniper Networks Junos OS cosd (Class of Service daemon) on MX Series allows an authenticated, low-privileged attacker to cause a limited DoS by handling specific low-privileged commands (via NETCONF, SSH, or Telnet) on behalf of mgd; mgd processes ca...

CVE-2024-21587 Junos OS: MX Series: Memory leak in bbe-smgd process if BFD liveness detection for DHCP subscribers is enabled

An Improper Handling of Exceptional Conditions vulnerability in the broadband edge subscriber management daemon bbe-smgd of Juniper Networks Junos OS on MX Series allows an attacker directly connected to the vulnerable system who repeatedly flaps DHCP subscriber sessions to cause a slow memory...