1134 matches found
CVE-2023-22394
An Improper Handling of Unexpected Data Type vulnerability in the handling of SIP calls in Juniper Networks Junos OS on SRX Series and MX Series platforms allows an attacker to cause a memory leak leading to Denial of Services DoS. This issue occurs on all MX Series platforms with MS-MPC or MS-MI...
CVE-2023-22394
An Improper Handling of Unexpected Data Type vulnerability in the handling of SIP calls in Juniper Networks Junos OS on SRX Series and MX Series platforms allows an attacker to cause a memory leak leading to Denial of Services DoS. This issue occurs on all MX Series platforms with MS-MPC or MS-MI...
Design/Logic Flaw
An Improper Check or Handling of Exceptional Conditions vulnerability in the IPsec library of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause Denial of Service DoS. On all MX platforms with MS-MPC or MS-MIC card, when specific IPv4 packets are processed by an...
Memory corruption
An Improper Handling of Unexpected Data Type vulnerability in the handling of SIP calls in Juniper Networks Junos OS on SRX Series and MX Series platforms allows an attacker to cause a memory leak leading to Denial of Services DoS. This issue occurs on all MX Series platforms with MS-MPC or MS-MI...
Input validation
An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC or MS-MIC card and SRX Series allows an unauthenticated, network-based attacker to cause a flow processing daemon flowd crash and thereby a Denial of Service DoS. Continued receipt of these...
Memory corruption
A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Networks Junos OS on MX Series platforms with MPC10/MPC11 line cards, allows an unauthenticated adjacent attacker to cause a Denial of Service DoS. Devices are only vulnerable when the Suspicious Control Flow...
Cross site scripting
An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon iked of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to cause a Denial of Service DoS. iked will crash and restart, and the tunnel will not come up when a...
Race condition
An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service DoS. When an inconsistent "deterministic NAT" configuration is present on an SRX, or MX with SPC3 and then a...
CVE-2023-22416 Junos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash if SIP ALG is enabled and a malformed SIP packet is received
A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. On all MX Series and SRX Series platform with SIP ALG enabled, when a malformed SIP packet is received, the flow processing daemon flowd will...
CVE-2023-22413 Junos OS: MX Series: The Multiservices PIC Management Daemon (mspmand) will crash when an IPsec6 tunnel processes specific IPv4 packets
An Improper Check or Handling of Exceptional Conditions vulnerability in the IPsec library of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause Denial of Service DoS. On all MX platforms with MS-MPC or MS-MIC card, when specific IPv4 packets are processed by an...
CVE-2023-22412 Junos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash if the SIP ALG is enabled and specific SIP messages are processed
An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC or MS-MIC card and SRX Series allows an unauthenticated, network-based attacker to cause a flow processing daemon flowd crash and thereby a Denial of Service DoS. Continued receipt of these...
Juniper Junos OS Vulnerability (JSA70200)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70200 advisory. - An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon iked of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated,...
CVE-2023-22394 Junos OS: SRX Series and MX Series: Memory leak due to receipt of specially crafted SIP calls
An Improper Handling of Unexpected Data Type vulnerability in the handling of SIP calls in Juniper Networks Junos OS on SRX Series and MX Series platforms allows an attacker to cause a memory leak leading to Denial of Services DoS. This issue occurs on all MX Series platforms with MS-MPC or MS-MI...
CVE-2023-22409 Junos OS: SRX Series, MX Series with SPC3: When an inconsistent NAT configuration exists and a specific CLI command is issued the SPC will reboot
An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service DoS. When an inconsistent "deterministic NAT" configuration is present on an SRX, or MX with SPC3 and then a...
CVE-2023-22410 Junos OS: MX Series with MPC10/MPC11: When Suspicious Control Flow Detection (scfd) is enabled and an attacker is sending specific traffic, this causes a memory leak.
A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Networks Junos OS on MX Series platforms with MPC10/MPC11 line cards, allows an unauthenticated adjacent attacker to cause a Denial of Service DoS. Devices are only vulnerable when the Suspicious Control Flow...
CVE-2023-22416 Junos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash if SIP ALG is enabled and a malformed SIP packet is received
A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. On all MX Series and SRX Series platform with SIP ALG enabled, when a malformed SIP packet is received, the flow processing daemon flowd will...
CVE-2023-22404
CVE-2023-22404 describes an out-of-bounds write in Juniper Junos OS iked (SRX/MX with SPC3) that can cause DoS. An authenticated, network-based attacker can trigger iked to crash and restart during IKE negotiation by sending a specially formatted payload, disrupting other concurrent IKE negotiati...
CVE-2023-22413 Junos OS: MX Series: The Multiservices PIC Management Daemon (mspmand) will crash when an IPsec6 tunnel processes specific IPv4 packets
An Improper Check or Handling of Exceptional Conditions vulnerability in the IPsec library of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause Denial of Service DoS. On all MX platforms with MS-MPC or MS-MIC card, when specific IPv4 packets are processed by an...
Juniper Junos OS Vulnerability (JSA70190)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70190 advisory. - An Improper Handling of Unexpected Data Type vulnerability in the handling of SIP calls in Juniper Networks Junos OS on SRX Series and MX Series platforms allows an attack...
Juniper Junos OS Vulnerability (JSA70208)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70208 advisory. - An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC or MS-MIC card and SRX Series allows an unauthenticated, network-bas...