CVE-2024-39548 Junos OS Evolved: Receipt of specific packets in the aftmand process will lead to a memory leak

An Uncontrolled Resource Consumption vulnerability in the aftmand process of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to consume memory resources, resulting in a Denial of Service DoS condition. The processes do not recover on their own and must be...

CVE-2024-39535

CVE-2024-39535 affects Juniper Networks Junos OS Evolved on ACX 7000 Series. The vulnerability is an improper check in the PFE that allows an unauthenticated, adjacent attacker to trigger a DoS by sending specific traffic when a Layer 3 or IRB interface is in a VPLS instance. Affected releases: J...

CVE-2024-39523 Junos OS Evolved: CLI parameter processing issue allows privilege escalation

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

CVE-2024-39523

CVE-2024-39523 is a local, authenticated-then-privilege-escalation issue in Juniper Networks Junos OS Evolved CLI handling of command options. A crafted parameter set can escalate to root on the shell, resulting in full compromise. Affected: Junos OS Evolved versions before 20.4R3-S7-EVO; 21.2-EV...

CVE-2024-30392

A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon flowd of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service DoS. On all Junos OS MX Series platforms with SPC3 and MS-MPC/-MIC, when URL filtering is enabled and a specific UR...

CVE-2024-30388 Junos OS: QFX5000 Series and EX Series: Specific malformed LACP packets will cause flaps

An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. If a specific malformed LACP packet is received by a QFX5000...

CVE-2024-21617 Junos OS: BGP flap on NSR-enabled devices causes memory leak

An Incomplete Cleanup vulnerability in Nonstop active routing NSR component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause memory leak leading to Denial of Service DoS. On all Junos OS platforms, when NSR is enabled, a BGP flap will cause memory leak. A manual...

CVE-2024-21604 Junos OS Evolved: A high rate of specific traffic will cause a complete system outage

An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. If a high rate of specific valid packets are processed by the routing engine RE this will le...

CVE-2024-21587 Junos OS: MX Series: Memory leak in bbe-smgd process if BFD liveness detection for DHCP subscribers is enabled

An Improper Handling of Exceptional Conditions vulnerability in the broadband edge subscriber management daemon bbe-smgd of Juniper Networks Junos OS on MX Series allows an attacker directly connected to the vulnerable system who repeatedly flaps DHCP subscriber sessions to cause a slow memory...

CVE-2023-36848 Junos OS: MX Series: The FPC will crash on receiving a malformed CFM packet

An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon PPMD of Juniper Networks Junos OS on MX Seriesexcept MPC10, MPC11 and LC9600 allows an unauthenticated adjacent attacker to cause a Denial of Service DoS. When a malformed CFM packet is received, it...

CVE-2023-36832 Junos OS: MX Series: PFE crash upon receipt of specific packet destined to an AMS interface

An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on MX Series allows an unauthenticated network-based attacker to send specific packets to an Aggregated Multiservices AMS interface on the device, causing the packet forwarding engine PF...