Juniper Junos OS Vulnerability (JSA100091)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100091 advisory. - A Use of Incorrect Operator vulnerability in the Routing Engine firewall of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to bypass...

Juniper Networks Releases Security Bulletin for Junos OS and Junos OS Evolved

Juniper Networks has released a security advisory to address a vulnerability CVE-2024-21611 in Junos OS and Junos OS Evolved. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review the Juniper Advisory...

Juniper Junos OS Vulnerability (JSA11140)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11140 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable Network Security, Inc...

Juniper Junos MX/EX9200 Series: DDoS Vulnerability (JSA11062)

The version of Junos OS installed on the remote host is MX series or EX9200 series prior to 17.2R3-S4, 17.2X75-D102, 17.3R3-S8, 17.4R2-S11,18.2R2-S7, 18.2X75-D30, or 18.3R2-S4. It is, therefore, affected by a vulnerability as referenced in the JSA11062 advisory. Note that Nessus has not tested fo...

Junos OS: SRX Series: Unified Access Control (UAC) bypass vulnerability (JSA11018)

The version of Junos OS installed on the remote host is prior to 12.3X48-D100, 15.1X49-D210, 17.3R2-S5, 17.4R2-S9, 18.1R3-S10, 18.2R2-S7, 18.3R1-S7, 18.4R1-S6, 19.1R1-S4, 19.2R1-S3, 19.3R2-S1, or 19.4R1-S1. It is, therefore, affected by a unified access control UAC bypass vulnerability as...

Juniper Junos RCE (JSA10871)

According to the self reported version of Junos OS on the remote device it is affected by a remote code execution vulnerability in the routing protocol daemon RPD. An unauthenticated, remote attacker can exploit this, via crafted BGP NOTIFICATION messages, to crash the RPD process and potentially...

Junos OS: processing of specific transit IP packets in flowd, leading to Denial of Service (JSA10959)

The version of Junos OS installed on the remote host is prior to 15.1X49-D171 or 18.4R2. It is, therefore, affected by a vulnerability as referenced in the JSA10959 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

Juniper JSA10947

The version of Junos OS installed on the remote host is prior to 12.3R12-S13, 12.3X48-D80, 14.1X53-D130, 15.1F6-S12, 15.1X49-D170, 15.1X53-D237, 16.1R3-S11, 16.2R2-S9, 17.1R3, 17.2R1-S8, 17.3R3-S4, 17.4R1-S6, 18.1R2-S4, 18.2R1-S5, 18.2X75-D40, 18.3R1-S3, or 18.4R1-S2. It is, therefore, affected b...

Junos OS: srxpfe DoS (JSA10972)

According to its self-reported version number, the remote Juniper Junos device is affected by a vulnerability in the srxpfe process. An unauthenticated, remote attacker can exploit this issue, by sending a large amount of traffic to an affected SRX1500 device, causing it to fail to forward traffi...

Juniper JSA10949

The version of Junos OS installed on the remote host is prior to 12.3X48-D80, 14.1X53-D51, 15.1F6-S13, 15.1X49-D171, 15.1X53-D238, 16.1R7-S5, 16.2R2-S9, 17.1R3, 17.2R1-S8, 17.3R3-S4, 17.4R1-S7, 18.1R2-S4, 18.2R1-S5, 18.2X75-D50, 18.3R1-S3, 18.4R1-S2, or 19.1R1-S1. It is, therefore, affected by a...

Junos OS: app-id Signature Update MitM (JSA10952)

According to its self-reported version number, the remote Juniper Junos device is affected by a weakness in the Application Identification app-id signature update client. This allows an unauthenticated, remote attacker to perform a Man-in-the-Middle MitM attack which can compromise the integrity...

Juniper JSA10925

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the JSA10925 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self- reported version numbe...

Juniper Junos Memory Exhaustion RDP DOS with JET support (JSA10882)

According to its self-reported version number, the remote Junos device is affected by a denial of service vulnerability due to a flaw with the Routing Protocols Daemon with Juniper Extension Toolkit support. A remote attacker could exhaust memory resources potentially causing the device to become...

Juniper Junos Privilege Escalation (JSA10857)

According to its self-reported version number, the remote Junos device is affected by a privilege escalation vulnerability. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid111204; scriptversion"1.5"; scriptsetattributeattribute:"pluginmodificationdate",...

Juniper Junos DoS Telnet Vulnerability (JSA10817)

According to its self-reported version number, the remote Junos device is affected by two vulnerabilities in the telnetd service that may allow a remote unauthenticated attacker to cause a denial of service through memory and/or CPU consumption. TRUSTED...

Juniper Junos FreeBSD libc db Information Disclosure (JSA10756)

According to its self-reported version number, the remote Juniper Junos device is affected by an information disclosure vulnerability in the underlying FreeBSD operating system libc db interface due to improper initialization of memory for Berkeley DB 1.85 database structures. A local attacker ca...

Juniper Junos MX and T4000 Series Trinity uBFD Packet DoS (JSA10701)

According to its self-reported version number, the remote Juniper Junos device is potentially affected by a denial of service vulnerability due to improper handling of uBFD packets that are received directly by chassis that have the 'Trio Chipset' Trinity MPC. A remote attacker can exploit this...

Juniper Junos SRX Series Dynamic VPN XSS (JSA10677)

According to its self-reported version number, the remote Juniper Junos SRX series device is affected by a cross-site scripting vulnerability due to a flaw in Dynamic VPN. A remote attacker can exploit this to view sensitive information or session credentials. Note that this issue only affects...

Juniper Junos SRX1400/3400/3600 Etherleak Information Disclosure (JSA10579)

According to its self-reported version number, the remote Junos device has an information disclosure vulnerability. SRX1400, SRX3400, and SRX3600 services gateways pad Ethernet packets with data from previous packets instead of padding them with null bytes. A remote, unauthenticated attacker coul...

Juniper Junos PIM Join Flood DoS (PSN-2013-01-808)

According to its self-reported version number, the remote Junos device has a denial of service vulnerability. Receiving a large number of specially crafted IPv4 or IPv6 PIM join messages in a Next-Generation Multicast VPN NGEN MVPN environment can cause the routing daemon to crash. C Tenable...