CVE-2024-21590

An Improper Input Validation vulnerability in Juniper Tunnel Driver jtd and ICMP module of Juniper Networks Junos OS Evolved allows an unauthenticated attacker within the MPLS administrative domain to send specifically crafted packets to the Routing Engine RE to cause a Denial of Service DoS. Whe...

CVE-2024-30394 Junos OS and Junos OS Evolved: A specific EVPN type-5 route causes rpd crash

A Stack-based Buffer Overflow vulnerability in the Routing Protocol Daemon RPD component of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an rpd crash, leading to Denial of Service DoS. On all Junos OS and Junos OS Evolved platforms, when EVPN is...

CVE-2024-30394 Junos OS and Junos OS Evolved: A specific EVPN type-5 route causes rpd crash

A Stack-based Buffer Overflow vulnerability in the Routing Protocol Daemon RPD component of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an rpd crash, leading to Denial of Service DoS. On all Junos OS and Junos OS Evolved platforms, when EVPN is...

CVE-2024-30394

CVE-2024-30394 affects Junos OS and Junos OS Evolved. It is a Stack-based Buffer Overflow in the Routing Protocol Daemon (RPD) triggered when EVPN is configured and a specific EVPN type-5 route is learned via BGP, causing an unauthenticated network-based attacker to crash rpd and induce DoS. Affe...

CVE-2024-30395 Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash

An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon RPD of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause Denial of Service DoS. If a BGP update is received over an established BGP session which contains a tunnel...

CVE-2024-30395 Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash

An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon RPD of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause Denial of Service DoS. If a BGP update is received over an established BGP session which contains a tunnel...

CVE-2024-30406

CVE-2024-30406 affects Juniper Networks Junos OS Evolved ACX Series devices running Paragon Active Assurance Test Agent. The issue is a Cleartext Storage in a File on Disk vulnerability that allows a local, authenticated attacker with high privileges to read other users’ credentials due to unencr...

CVE-2024-30406 Junos OS Evolved: ACX Series with Paragon Active Assurance Test Agent: A local high privileged attacker can recover other administrators credentials

A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on network devices allows a local, authenticated attacker with high privileges to read all other users login credentials. Th...

CVE-2024-30409 Junos OS and Junos OS Evolved: Higher CPU consumption on routing engine leads to Denial of Service (DoS).

An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon fibtd to crash, leading to a limited Denial of...

CVE-2024-30409

Vulnerability (CVE-2024-30409) in Juniper Networks Junos OS and Junos OS Evolved telemtry processing can crash the forwarding information base telemetry daemon (fibtd) via an improper check for unusual or exceptional conditions. A network-based authenticated attacker can cause a limited Denial of...

CVE-2024-30409 Junos OS and Junos OS Evolved: Higher CPU consumption on routing engine leads to Denial of Service (DoS).

An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon fibtd to crash, leading to a limited Denial of...

CVE-2024-21618

CVE-2024-21618 affects Juniper Junos OS and Junos OS Evolved, where receiving a malformed LLDP packet on an interface with LLDP enabled can trigger an Access of Memory Location After End of Buffer in the Layer-2 Control Protocols Daemon (l2cpd). This causes l2cpd to crash and restart, reinitializ...

CVE-2024-21618 Junos OS and Junos OS Evolved: When LLDP is enabled and a malformed LLDP packet is received, l2cpd crashes

An Access of Memory Location After End of Buffer vulnerability in the Layer-2 Control Protocols Daemon l2cpd of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause Denial of Service DoS. On all Junos OS and Junos OS Evolved platforms, when LLDP is...

CVE-2024-21615 Junos OS and Junos OS Evolved: A low-privileged user can access confidential information

An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to access confidential information on the system. On all Junos OS and Junos OS Evolved platforms, when NETCONF traceoptions are configured, and a super-user...

CVE-2024-21615

CVE-2024-21615 concerns Juniper Networks Junos OS and Junos OS Evolved. The root cause is an Incorrect Default Privileges condition that, when NETCONF traceoptions are configured, can allow a local, low-privileged user to access confidential information after a super-user performs certain NETCONF...

CVE-2024-21598 Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash

An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. If a BGP update is received over an established BGP sessio...

CVE-2024-21590

CVE-2024-21590 describes an improper input validation in Juniper Tunnel Driver (jtd) and the ICMP module of Junos OS Evolved that allows an unauthenticated attacker within the MPLS domain to send crafted MPLS IPv4 packets to the Routing Engine, potentially causing a Denial of Service (DoS). Affec...

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS and Junos OS Evolved, which stems...

Juniper Networks Junos OS Evolved 安全漏洞

Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS. A security vulnerability exists in Juniper Networks Junos OS Evolved ACX versions 23.1R1-EVO through 23.2R2-EVO, which arises from a plaintext storage vulnerability in a disk file that could allow a local,...

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS and Junos OS Evolved contain a security vulnerability that originates...