6 matches found
CVE-2024-39544 Junos OS Evolved: Low privileged local user able to view NETCONF traceoptions files
An Incorrect Default Permissions vulnerability in the command line interface CLI of Juniper Networks Junos OS Evolved allows a low privileged local attacker to view NETCONF traceoptions files, representing an exposure of sensitive information. On all Junos OS Evolved platforms, when NETCONF...
CVE-2024-39548 Junos OS Evolved: Receipt of specific packets in the aftmand process will lead to a memory leak
An Uncontrolled Resource Consumption vulnerability in the aftmand process of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to consume memory resources, resulting in a Denial of Service DoS condition. The processes do not recover on their own and must be...
CVE-2024-39546 Junos OS Evolved: Local low-privilege user can gain root permissions leading to privilege escalation
A Missing Authorization vulnerability in the Socket Intercept SI command file interface of Juniper Networks Junos OS Evolved allows an authenticated, low-privilege local attacker to modify certain files, allowing the attacker to cause any command to execute with root privileges leading to privile...
CVE-2024-39536 Junos OS and Junos OS Evolved: Flaps of BFD sessions with authentication cause a ppmd memory leak
A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet Management Daemon ppmd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial-of-Service DoS. When a BFD session configured with authentication...
CVE-2024-39562 Junos OS Evolved: A high rate of SSH connections causes a Denial of Service
A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process, responsible for spawning SSH daemon sshd instances, of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service DoS by blocking SSH access for legitimate...
CVE-2023-44195 Junos OS Evolved: Packets which are not destined to the router can reach the RE
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the NetworkStack agent daemon nsagentd of Juniper Networks Junos OS Evolved allows an unauthenticated network based attacker to cause limited impact to the availability of the system. If specific packets reach...