CVE-2021-0294

A vulnerability in Juniper Networks Junos OS, which only affects the release 18.4R2-S5, where a function is inconsistently implemented on Juniper Networks Junos QFX5000 Series and EX4600 Series, and if "storm-control enhanced" is configured, can lead to the enhanced storm control filter group not...

CVE-2021-0293

A vulnerability in Juniper Networks Junos OS caused by Missing Release of Memory after Effective Lifetime leads to a memory leak each time the CLI command 'show system connections extensive' is executed. The amount of memory leaked on each execution depends on the number of TCP connections from a...

CVE-2021-0289

When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet AE interface units, a Time-of-check Time-of-use TOCTOU Race Condition vulnerability between the Device Control Daemon DCD and firewall process dfwd daemons of Juniper Networks Junos OS allows an attacker to...

CVE-2021-0283

A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service DoS. By repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of...

CVE-2021-0285

An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large amounts of legitimate traffic destined to the device to cause Interchassis Control Protocol ICCP interruptions, leading to an unstable...

CVE-2021-0288

A vulnerability in the processing of specific MPLS packets in Juniper Networks Junos OS on MX Series and EX9200 Series devices with Trio-based MPCs Modular Port Concentrators may cause FPC to crash and lead to a Denial of Service DoS condition. Continued receipt of this packet will sustain the...

CVE-2021-0290

Improper Handling of Exceptional Conditions in Ethernet interface frame processing of Juniper Networks Junos OS allows an attacker to send specially crafted frames over the local Ethernet segment, causing the interface to go into a down state, resulting in a Denial of Service DoS condition. The...

CVE-2021-0287

In a Segment Routing ISIS SR-ISIS/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of a ISIS link in the network, can lead to a routing process daemon RPD crash and restart,...

CVE-2021-0282

On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon RPD crash and restart, causing a Denial of Service DoS. Continued receipt and processing of this UPDATE message will create a sustained Denial of...

CVE-2021-0280

Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise PE chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS Distributed Denial of Service...

Vulnerabilities fixed in Juniper products

Juniper has fixed vulnerabilities in Junos OS, Junos OS Evolved and PTX, QTX, MX, EX9200 and SRX4600 devices. The vulnerabilities potentially enable a malicious party to launch attacks leading to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote...

Juniper Networks Junos OS 和 Junos OS Evolved 缓冲区错误漏洞

Juniper Networks Junos OS and Junos OS Evolved are both products of Juniper Networks, Inc.Juniper Networks Junos OS is a network operating system for the company's hardware devices. Juniper Networks Junos OS is a network operating system for the company's hardware devices that provides a secure...

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Junos OS. Details of the vulnerability are not available at this time, bu...

Juniper Networks Junos OS 缓冲区错误漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. Junos OS suffers from a buffer error vulnerability that originates from a buffer overflow vulnerability in the device's...

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a network operating system from Juniper Networks for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. a security vulnerability exists in Junos OS that stems from jitter in BFD sessions that could in turn...

Juniper Networks Junos OS 缓冲区错误漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. Junos OS suffers from a buffer error vulnerability that originates from a buffer overflow vulnerability in the device's...

The vulnerability in the configuration of Junos OS operating system-based ACX5800, EX9200, MX10000, MX240, MX480, and MX960 routers allows a attacker to cause service interruptions.

The vulnerability of the configuration of Junos OS operating system routers of the ACX5800, EX9200, MX10000, MX240, MX480, and MX960 series is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the Captive Portal and Content Delivery (CPCD) services in Junos OS router series MX devices allows a hacker to induce a service failure.

The vulnerability of the Captive Portal and Content Delivery CPCD services in Junos OS router series MX devices is related to pointer aliasing errors. Exploiting this vulnerability can allow a malicious actor to trigger service failures using specially created HTTP packets...

The vulnerability affects the implementation of NAT64 technology for Juniper Networks’ MS-MIC and MS-MPC routers, as well as Junos OS-based MX routers. This allows attackers to cause service interruptions.

The vulnerability of NAT64 technology implemented in Juniper Networks’ MS-MIC and MS-MPC routers for Junos OS operating systems is related to incorrect calculation of buffer size when processing IPv6 and IPv4 packets. Exploiting this vulnerability allows a malicious actor to cause service failure...

The vulnerability of the implementation of the VXLAN technology by Juniper Networks’ Modular Port Concentrator devices for Junos OS-based MX routers allows a attacker to cause a service failure.

The vulnerability of the VXLAN technology implemented by Juniper Networks’ Modular Port Concentrator for Junos OS routers of the MX series is related to insufficient checking of unusual or exceptional states when using the LACP protocol. Exploiting this vulnerability can allow a malicious actor t...