CVE-2024-39542 Junos OS and Junos OS Evolved: A malformed CFM packet or specific transit traffic leads to FPC crash

An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series with MPC10/11 or LC9600, MX304, and Junos OS Evolved on ACX Series and PTX Series allows an unauthenticated, network based attacker to cause a...

CVE-2024-39541

CVE-2024-39541 affects Juniper Networks Junos OS and Junos OS Evolved. The vulnerability arises in the Routing Protocol Daemon (rpd) when conflicting information about a node is added to the Traffic Engineering (TE) database and subsequently processed, causing rpd to crash and restart (unauthenti...

CVE-2024-39541 Junos OS and Junos OS Evolved: Inconsistent information in the TE database can lead to an rpd crash

An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. When conflicting information IP or ISO addresses about a node is added t...

CVE-2024-39528

A Use After Free vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service DoS.On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and at...

CVE-2024-39528

A Use After Free vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service DoS.On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and at...

CVE-2024-39522

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

CVE-2024-39524

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

CVE-2024-39523

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

CVE-2024-39522

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

CVE-2024-39521

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

CVE-2024-39524

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

CVE-2024-39519

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. On all ACX 7000 Series platforms running Junos OS Evolved...

CVE-2024-39519

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. On all ACX 7000 Series platforms running Junos OS Evolved...

CVE-2024-39520

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

CVE-2024-39538 Junos OS Evolved: ACX7000 Series: When multicast traffic with a specific (S,G) is received evo-pfemand crashes

A Buffer Copy without Checking Size of Input vulnerability in the PFE management daemon evo-pfemand of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS.When multicast traffic with a specific, valid S,G is received,...

CVE-2024-39538

Junos OS Evolved on ACX7000 Series is affected by CVE-2024-39538 due to a Buffer Copy without Checking Size of Input in evo-pfemand (PFE management daemon). An unauthenticated, adjacent attacker can cause a Denial-of-Service by sending multicast traffic with a specific (S,G); evo-pfemand crashes,...

CVE-2024-39537 Junos OS Evolved: ACX7000 Series: Ports which have been inadvertently exposed can be reached over the network

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong...

CVE-2024-39536 Junos OS and Junos OS Evolved: Flaps of BFD sessions with authentication cause a ppmd memory leak

A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet Management Daemon ppmd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial-of-Service DoS. When a BFD session configured with authentication...

CVE-2024-39536

CVE-2024-39536 concerns Juniper Networks Junos OS and Junos OS Evolved. A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet Management Daemon (ppmd) allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). The leak is triggered when a B...

CVE-2024-39536 Junos OS and Junos OS Evolved: Flaps of BFD sessions with authentication cause a ppmd memory leak

A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet Management Daemon ppmd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial-of-Service DoS. When a BFD session configured with authentication...