1476 matches found
CVE-2024-30403 Junos OS Evolved: When MAC learning happens, and an interface gets flapped, the PFE crashes
A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When Layer 2 traffic is sent through a logical interface, MAC learning happens. If during this process,...
CVE-2024-30402 Junos OS and Junos OS Evolved: The l2ald crashes on receiving telemetry messages from a specific subscription
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When telemetry requests are sent to the device, and t...
CVE-2024-30390 Junos OS Evolved: Connection limits is not being enforced while the resp. rate limit is being enforced
An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited Denial of Service (DoS) to the management plane. When an incoming connection was blocked because it exceeded the...
CVE-2024-30390
CVE-2024-30390 affects Juniper Networks Junos OS Evolved. The vulnerability is an improper restriction of excessive authentication attempts: after a connection is blocked for exceeding connections-per-second, the system does not consider existing connections for subsequent attempts, allowing the ...
CVE-2024-30386 Junos OS and Junos OS Evolved: In a EVPN-VXLAN scenario state changes on adjacent systems can cause an l2ald process crash
A Use-After-Free vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause l2ald to crash leading to a Denial-of-Service (DoS). In an EVPN-VXLAN scenario, when state updates are received and...
CVE-2024-30382
Juniper Networks Junos OS and Junos OS Evolved are affected by CVE-2024-30382 via an Improper Handling of Exceptional Conditions in the routing protocol daemon (rpd). A network-based, unauthenticated attacker can trigger a specific routing update when CBF (CoS-based forwarding) is configured wit...
CVE-2024-30409
An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon (fibtd) to crash, leading to a limited Denial of...
CVE-2024-30406
A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on network devices allows a local, authenticated attacker with high privileges to read all other users' login credentials. Th...
CVE-2024-30394
A Stack-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) component of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an rpd crash, leading to Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when EVPN is...
CVE-2024-21615
An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to access confidential information on the system. On all Junos OS and Junos OS Evolved platforms, when NETCONF traceoptions are configured, and a super-user...
CVE-2024-21618
An Access of Memory Location After End of Buffer vulnerability in the Layer-2 Control Protocols Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when LLDP is...
CVE-2024-30395
An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon (RPD) of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). If a BGP update is received over an established BGP session which contains a tunnel...
CVE-2024-21598
An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). If a BGP update is received over an established BGP sessio...
CVE-2024-21590
An Improper Input Validation vulnerability in Juniper Tunnel Driver (jtd) and ICMP module of Juniper Networks Junos OS Evolved allows an unauthenticated attacker within the MPLS administrative domain to send specifically crafted packets to the Routing Engine (RE) to cause a Denial of Service (DoS). Whe...