CVE-2023-20260

A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An...

CVE-2023-20260

CVE-2023-20260 affects Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM). The root cause is improper processing of command line arguments to application scripts in the CLI, enabling an authenticated, local attacker to escalate to root privileges on the underlying OS...

CVE-2023-20260

A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An...

CVE-2023-20271

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of...

CVE-2024-21611

A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. In a Juniper Flow Monitoring jflow scenario route churn that...

CVE-2024-21613

A Missing Release of Memory after Effective Lifetime vulnerability in Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause an rpd crash, leading to Denial of Service DoS. On all Junos OS and Junos OS Evolved platforms,...

CVE-2024-21614

An Improper Check for Unusual or Exceptional Conditions vulnerability in Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause rpd to crash, leading to Denial of Service DoS. On all Junos OS and Junos OS Evolved...

CVE-2024-21612

An Improper Handling of Syntactically Invalid Structure vulnerability in Object Flooding Protocol OFP service of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. On all Junos OS Evolved platforms, when specific TCP packets are...

CVE-2024-21602

A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. If a specific IPv4 UDP packet is received and sent to the Routing Engine RE packetio crashes an...

CVE-2024-21602

A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. If a specific IPv4 UDP packet is received and sent to the Routing Engine RE packetio crashes an...

CVE-2024-21585

An Improper Handling of Exceptional Conditions vulnerability in BGP session processing of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker, using specific timing outside the attacker's control, to flap BGP sessions and cause the routing protocol daem...

Heap overflow

A Heap-based Buffer Overflow vulnerability in the Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service DoS. If an attacker sends a specific BGP UPDATE message to the device, this will cause a...

Memory corruption

A Missing Release of Memory after Effective Lifetime vulnerability in Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause an rpd crash, leading to Denial of Service DoS. On all Junos OS and Junos OS Evolved platforms,...

Design/Logic Flaw

A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. In a Juniper Flow Monitoring jflow scenario route churn that...

Code injection

An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. If a high rate of specific valid packets are processed by the routing engine RE this will le...

CVE-2024-21614

Summary: CVE-2024-21614 affects Juniper Networks Junos OS and Junos OS Evolved. The issue is an improper check for unusual or exceptional conditions in the Routing Protocol Daemon (RPD). When NETCONF and gRPC are enabled and a specific Dynamic Rendering (DREND) query is executed, RPD crashes and ...

CVE-2024-21614 Junos OS and Junos OS Evolved: A specific query via DREND causes rpd crash

An Improper Check for Unusual or Exceptional Conditions vulnerability in Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause rpd to crash, leading to Denial of Service DoS. On all Junos OS and Junos OS Evolved...

CVE-2024-21613 Junos OS and Junos OS Evolved: A link flap causes patroot memory leak which leads to rpd crash

A Missing Release of Memory after Effective Lifetime vulnerability in Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause an rpd crash, leading to Denial of Service DoS. On all Junos OS and Junos OS Evolved platforms,...

CVE-2024-21612

CVE-2024-21612 affects Juniper Networks Junos OS Evolved, specifically the Object Flooding Protocol (OFP) service. An improper handling of a syntactically invalid structure allows unauthenticated, network-based attackers to crash OFP by sending specific TCP packets to an open OFP port, causing th...

CVE-2024-21611 Junos OS and Junos OS Evolved: In a jflow scenario continuous route churn will cause a memory leak and eventually an rpd crash

A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. In a Juniper Flow Monitoring jflow scenario route churn that...