Juniper Networks Junos OS 资源管理错误漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A resource management error vulnerability exists in the Juniper Networks Junos OS, which arises from an uncontrolled...

The vulnerability in the J-Web web interface of Juniper Networks Junos OS, related to incorrect validation of input data, allows attackers to escalate their privileges.

The vulnerability in the J-Web web interface of Juniper Networks Junos OS is related to incorrect validation of input data. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

The vulnerability of the Junos operating system arises from an incorrect restriction on the path name to the restricted access directory, allowing attackers to elevate their privileges to the root level.

The vulnerability of the Junos operating system exists due to an incorrect restriction on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor, operating remotely, to elevate their privileges to the root level...

The vulnerability of the J-Web interface in Junos OS operating systems allows attackers to circumvent security restrictions.

The vulnerability of the J-Web interface in Junos OS operating systems is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass security restrictions from a remote location...

The vulnerability of the Juniper Extension Toolkit (JET) component in Juniper Networks’ Junos OS and Junper Networks’ Junos OS Evolved operating systems allows attackers to enhance their privileges within the system.

The vulnerability of the Juniper Extension Toolkit JET in Juniper Networks’ Junos OS and Juniper Networks’ Junos OS Evolved operating systems is related to insecure privilege management. Exploiting this vulnerability can allow an attacker, operating remotely, to enhance their privileges within th...

The vulnerability of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved, related to buffer overflow in the stack, allows an attacker to execute arbitrary commands with root privileges or cause the application to crash.

The vulnerability of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause an application to terminate abnormally or execute arbitrary commands with root privileges...

The vulnerability of the MAP-E automatic tunneling mechanism in the Junos operating system, which allows a hacker to trigger a service failure.

The vulnerability of the MAP-E automatic tunneling mechanism in the Junos operating system is related to improper behavior. Exploiting this vulnerability can allow a malicious actor to cause service interruptions from a remote location...

The vulnerability of the Packet Forwarding Engine manager (FXPC) component in the Junos operating system, which allows a hacker to trigger a service failure.

The vulnerability of the Packet Forwarding Engine manager FXPC component in the Junos operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions from a remote location...

The vulnerability of Juniper Networks’ Junos OS routers of the MX series lies in insufficient checking of unusual or exceptional states, allowing attackers to trigger a service failure.

The vulnerability of Juniper Networks’ Junos OS routers of the MX series is related to insufficient checking of unusual or exceptional states during packet processing on MS-MPC/MS-MIC. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved systems, related to improper handling of exceptional states, allows a perpetrator to trigger a service failure.

The vulnerability of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved lies in the improper handling of exceptional states. Exploiting this vulnerability can allow a remote attacker to cause service failures...

Vulnerabilities fixed in Juniper Junos OS

Vulnerabilities have been fixed in Junos OS and Junos OS Evolved. The vulnerabilities allow an authenticated malicious person to obtain elevated privileges. These privileges can then be exploited to perform a denial-of-service Dos attack or executing code under root. These attacks are seen as...

Vulnerability fixed in Juniper Junos OS

Juniper has fixed a vulnerability in Junos OS on the QFX5000 Series. The vulnerability results in potentially sensitive system information, including kernel versions, being leaked in communication between the routing engine and the packet forwarding engine. A malicious person with access to the...

CVE-2021-31386

A Protection Mechanism Failure vulnerability in the J-Web HTTP service of Juniper Networks Junos OS allows a remote unauthenticated attacker to perform Person-in-the-Middle PitM attacks against the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S20; 15.1...

CVE-2021-31384

Due to a Missing Authorization weakness and Insufficient Granularity of Access Control in a specific device configuration, a vulnerability exists in Juniper Networks Junos OS on SRX Series whereby an attacker who attempts to access J-Web administrative interfaces can successfully do so from any...

CVE-2021-31382

On PTX1000 System, PTX10002-60C System, after upgrading to an affected release, a Race Condition vulnerability between the chassis daemon chassisd and firewall process dfwd of Juniper Networks Junos OS, may update the device's interfaces with incorrect firewall filters. This issue only occurs whe...

CVE-2021-31379

An Incorrect Behavior Order vulnerability in the MAP-E automatic tunneling mechanism of Juniper Networks Junos OS allows an attacker to send certain malformed IPv4 or IPv6 packets to cause a Denial of Service DoS to the PFE on the device which is disabled as a result of the processing of these...

CVE-2021-31375

An Improper Input Validation vulnerability in routing process daemon RPD of Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure RPKI, allows an attacker to send a specific BGP update which may cause RPKI policy-checks to be bypassed...

CVE-2021-31376

An Improper Input Validation vulnerability in Packet Forwarding Engine manager FXPC process of Juniper Networks Junos OS allows an attacker to cause a Denial of Service DoS by sending specific DHCPv6 packets to the device and crashing the FXPC service. Continued receipt and processing of this...

CVE-2021-31370

An Incomplete List of Disallowed Inputs vulnerability in Packet Forwarding Engine PFE of Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an adjacent unauthenticated attacker which sends a high rate of specific multicast traffic to cause control traffic received from the netwo...

CVE-2021-31377

An Incorrect Permission Assignment for Critical Resource vulnerability of a certain file in the filesystem of Junos OS allows a local authenticated attacker to cause routing process daemon RPD to crash and restart, causing a Denial of Service DoS. Repeated actions by the attacker will create a...