203 matches found
CVE-2024-39563 Junos Space: Remote Command Execution (RCE) vulnerability in web application
A Command Injection vulnerability in Juniper Networks Junos Space allows an unauthenticated, network-based attacker sending a specially crafted request to execute arbitrary shell commands on the Junos Space Appliance, leading to remote command execution by the web application, gaining complete...
CVE-2024-39563 Junos Space: Remote Command Execution (RCE) vulnerability in web application
A Command Injection vulnerability in Juniper Networks Junos Space allows an unauthenticated, network-based attacker sending a specially crafted request to execute arbitrary shell commands on the Junos Space Appliance, leading to remote command execution by the web application, gaining complete...
CVE-2024-5624
Reflected Cross-Site Scripting XSS in Shift Logbook application of B&R APROL = R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session...
CVE-2024-5624 Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL
Reflected Cross-Site Scripting XSS in Shift Logbook application of B&R APROL = R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session...
Juniper Junos OS DoS (JSA82988)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA82988 advisory. - A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated,...
CVE-2024-39533
An Unimplemented or Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an unauthenticated, network-based attacker to cause a minor integrity impact to downstream networks.If one or more of the following match conditions...
CVE-2024-39553
CVE-2024-39553 affects Juniper Networks Junos OS Evolved sampling service (inline jflow). A Resource Exposure to Wrong Sphere vulnerability allows an unauthenticated, network-based attacker to send arbitrary data to the device, causing the msvcsd process to crash and yielding limited DoS while no...
CVE-2024-39551 Junos OS: SRX Series and MX Series with SPC3 and MS-MPC/MIC: Receipt of specific packets in H.323 ALG causes traffic drop
An Uncontrolled Resource Consumption vulnerability in the H.323 ALG Application Layer Gateway of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 and MS-MPC/MIC, allows an unauthenticated network-based attacker to send specific packets causing traffic loss leading to Denial of...
CVE-2024-39545 Junos OS: SRX Series, MX Series with SPC3 and NFX350: When VPN tunnels parameters are not configured in specific way the iked process will crash
An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon iked of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350 allows allows an unauthenticated, network-based attacker sending specific mismatching parameters as part of the IPsec...
CVE-2024-39545
The CVE describes an Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS iked (on SRX Series, MX Series with SPC3, and NFX350), where unauthenticated network-based attackers can trigger an iked crash during IPsec negotiations by sending specific mismatching parameter...
CVE-2024-39545 Junos OS: SRX Series, MX Series with SPC3 and NFX350: When VPN tunnels parameters are not configured in specific way the iked process will crash
An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon iked of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350 allows allows an unauthenticated, network-based attacker sending specific mismatching parameters as part of the IPsec...
CVE-2024-39528
A Use After Free vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service DoS.On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and at...
CVE-2024-39537
CVE-2024-39537 affects Juniper Networks Junos OS Evolved on the ACX 7000 Series. Root cause: initialization error allows processes that should be internal to be reachable over the network via open ports, enabling an unauthenticated, network-based attacker to cause limited information disclosure a...
CVE-2024-39533 Junos OS: QFX5000 Series and EX4600 Series: Output firewall filter is not applied if certain match criteria are used
An Unimplemented or Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an unauthenticated, network-based attacker to cause a minor integrity impact to downstream networks.If one or more of the following match conditions...
CVE-2024-39528 Junos OS and Junos OS Evolved: Concurrent deletion of a routing-instance and receipt of an SNMP request cause an RPD crash
A Use After Free vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service DoS.On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and at...
CVE-2024-39528
CVE-2024-39528 — AUse After Free in Juniper Junos OS/Junos OS Evolved Routing Protocol Daemon (rpd) causes a segmentation fault on a specific sequence (routing-instance deactivation + SNMP request), leading to rpd crash and DoS. Affected: Junos OS and Junos OS Evolved. Reported vulnerable version...
CVE-2024-39565 Junos OS: J-Web: An unauthenticated, network-based attacker can perform XPATH injection attack against a device.
An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to execute remote commands on the target device. While an administrator is logged into a J-Web session or...
Juniper Junos OS Vulnerability (JSA83007)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA83007 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon iked of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350...
Juniper Junos OS Vulnerability (JSA83023)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA83023 advisory. - An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated,...
Juniper Junos OS Vulnerability (JSA79101)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79101 advisory. - An Exposure of Resource to Wrong Sphere vulnerability in the sampling service of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to send...