Lucene search
+L

873 matches found

Prion
Prion
added 2021/01/15 6:15 p.m.16 views

Design/Logic Flaw

In Juniper Networks Junos OS Evolved an attacker sending certain valid BGP update packets may cause Junos OS Evolved to access an uninitialized pointer causing RPD to core leading to a Denial of Service DoS. Continued receipt of these types of valid BGP update packets will cause an extended Denia...

5.7CVSS6.4AI score0.00441EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/01/15 5:35 p.m.109 views

CVE-2021-0211

CVE-2021-0211 describes an improper check in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon (RPD) that allows an attacker to inject a valid BGP FlowSpec message, causing unexpected changes to route advertisements in the BGP FlowSpec domain and leading to a DoS condition. A...

10CVSS9.4AI score0.01317EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2021/01/15 5:35 p.m.29 views

CVE-2021-0211 Junos OS and Junos OS Evolved: Upon receipt of a specific BGP FlowSpec message network traffic may be disrupted.

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon RPD service allows an attacker to send a valid BGP FlowSpec message thereby causing an unexpected change in the route advertisements within the BGP FlowSpec domain...

10CVSS9.6AI score0.01317EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/13 12:0 a.m.7 views

Juniper Networks Junos OS Input Validation Error Vulnerability

Juniper Networks Junos OS and Junos OS Evolved are both products of Juniper Networks, Inc.Juniper Networks Junos OS is a network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Junos OS Evolved is an...

8.8CVSS7.2AI score0.0065EPSS
Exploits0References6
CNVD
CNVD
added 2020/10/21 12:0 a.m.3 views

Juniper Networks Junos OS Evolved Code Issue Vulnerability

Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS. Juniper Networks Junos OS Evolved has a security vulnerability that can be exploited by an attacker to bypass restrictions and escalate his privileges by ignoring logout-disconnect...

7.2CVSS7.2AI score0.00328EPSS
Exploits0References1
CNVD
CNVD
added 2020/10/19 12:0 a.m.3 views

Juniper Networks Junos OS Evolved NDP Message Denial of Service Vulnerability

Juniper Networks Junos OS Evolved is a set of network operating systems dedicated to the company's hardware devices. Juniper Networks Junos OS Evolved suffers from a security vulnerability in the handling of NDP messages, which can be exploited by a remote attacker to submit a special request tha...

6.5CVSS7AI score0.00509EPSS
Exploits0References1
NVD
NVD
added 2020/10/16 9:15 p.m.16 views

CVE-2020-1678

On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak. If the memory is exhausted the rpd process might crash. If the issue occurs, the memory leak could be seen by executing the "show task memory detail | match...

6.5CVSS0.00413EPSS
Exploits0References1
Prion
Prion
added 2020/10/16 9:15 p.m.22 views

Design/Logic Flaw

On Juniper Networks Junos OS and Junos OS Evolved devices, BGP session flapping can lead to a routing process daemon RPD crash and restart, limiting the attack surface to configured BGP peers. This issue only affects devices with BGP damping in combination with accepted-prefix-limit configuration...

4.3CVSS7.6AI score0.01288EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/10/16 9:15 p.m.14 views

Default configuration

The system console configuration option 'log-out-on-disconnect' In Juniper Networks Junos OS Evolved fails to log out an active CLI session when the console cable is disconnected. This could allow a malicious attacker with physical access to the console the ability to resume a previous interactiv...

7.2CVSS6.5AI score0.00328EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/10/16 8:31 p.m.49 views

CVE-2020-1681

CVE-2020-1681 affects Juniper Networks Junos OS Evolved prior to 20.1R2-EVO. A malformed IPv6 NDP packet can crash the ndp process, causing a DoS with the service restarting automatically; extended malformed traffic can impair IPv6 neighbor learning. The issue is limited to IPv6 NDP packet proces...

6.5CVSS6.3AI score0.00509EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/10/16 8:31 p.m.22 views

CVE-2020-1681 Junos OS Evolved: Receipt of a specifically malformed NDP packet could lead to Denial of Service

Receipt of a specifically malformed NDP packet sent from the local area network LAN to a device running Juniper Networks Junos OS Evolved can cause the ndp process to crash, resulting in a Denial of Service DoS. The process automatically restarts without intervention, but a continuous receipt of...

6.5CVSS6.3AI score0.00509EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/10/16 8:31 p.m.19 views

CVE-2020-1678 Junos OS and Junos OS Evolved: RPD can crash due to a slow memory leak.

On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak. If the memory is exhausted the rpd process might crash. If the issue occurs, the memory leak could be seen by executing the "show task memory detail | match...

6.5CVSS6.5AI score0.00413EPSS
Exploits0References1
CVE
CVE
added 2020/10/16 8:31 p.m.43 views

CVE-2020-1666

CVE-2020-1666 affects Juniper Networks Junos OS Evolved: the console logout-on-disconnect option fails to terminate an active CLI session when the console cable is disconnected. Descriptions across connected documents indicate that a physically proximate attacker could resume a prior interactive ...

7.2CVSS6.5AI score0.00328EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/10/16 8:31 p.m.20 views

CVE-2020-1666 Junos OS Evolved: 'console log-out-on-disconnect' fails to terminate session on console cable disconnection

The system console configuration option 'log-out-on-disconnect' In Juniper Networks Junos OS Evolved fails to log out an active CLI session when the console cable is disconnected. This could allow a malicious attacker with physical access to the console the ability to resume a previous interactiv...

6.6CVSS6.5AI score0.00328EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/10/16 8:31 p.m.27 views

CVE-2020-1662 Junos OS and Junos OS Evolved: RPD crash due to BGP session flapping.

On Juniper Networks Junos OS and Junos OS Evolved devices, BGP session flapping can lead to a routing process daemon RPD crash and restart, limiting the attack surface to configured BGP peers. This issue only affects devices with BGP damping in combination with accepted-prefix-limit configuration...

7.5CVSS7.7AI score0.01288EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/10/16 12:0 a.m.6 views

PT-2020-14887 · Juniper Networks · Junos Evolved

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions prior to 20.1R2-EVO Description: The issue occurs when parsing a specifically malformed NDP packet sent from the local area network to a device running Juniper Networks Junos OS Evolved, causing the...

6.5CVSS6.3AI score0.00509EPSS
Exploits0References2
OSV
OSV
added 2020/07/17 7:15 p.m.6 views

CVE-2020-1644

On Juniper Networks Junos OS and Junos OS Evolved devices, the receipt of a specific BGP UPDATE packet causes an internal counter to be incremented incorrectly, which over time can lead to the routing protocols process RPD crash and restart. This issue affects both IBGP and EBGP multihop deployme...

7.5CVSS7.1AI score0.01276EPSS
Exploits0References1
Prion
Prion
added 2020/07/17 7:15 p.m.17 views

Code injection

On Juniper Networks Junos OS and Junos OS Evolved devices, the receipt of a specific BGP UPDATE packet causes an internal counter to be incremented incorrectly, which over time can lead to the routing protocols process RPD crash and restart. This issue affects both IBGP and EBGP multihop deployme...

5CVSS7.5AI score0.01276EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2020/07/17 7:15 p.m.19 views

Design/Logic Flaw

On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific UPDATE for an EBGP peer can lead to a routing process daemon RPD crash and restart. This issue occurs only when the device is receiving and processing the BGP UPDATE for an EBGP peer. This issue does not occur when t...

4.3CVSS7.5AI score0.01014EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/07/17 6:40 p.m.23 views

CVE-2020-1648 Junos OS and Junos OS Evolved: RPD crash when processing a specific BGP packet

On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific BGP packet can lead to a routing process daemon RPD crash and restart. This issue can occur even before the BGP session with the peer is established. Repeated receipt of this specific BGP packet can result in an...

7.5CVSS7.4AI score0.01276EPSS
Exploits0References1
Rows per page
Query Builder