CVE-2022-22188

An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine PFE of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service DoS. The device must be configur...

CVE-2022-22188 Junos OS: QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series: When storm control profiling is enabled and a device is under an active storm, a Heap-based Buffer Overflow in the PFE will cause a device to hang.

An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine PFE of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service DoS. The device must be configur...

CVE-2021-31371

Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an QFX5000 Series switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the...

CVE-2021-31371

CVE-2021-31371 affects Juniper Networks Junos OS on QFX5110/5120/5200/5210 and QFX5100 with QFX 5e Series image. The issue: internal RE-to-PFE 128.0.0.0/2 traffic may be forwarded to an egress interface, leaking configuration data (eg, heartbeats, kernel versions) to the Internet, across multiple...

Path traversal

A path traversal vulnerability in the Juniper Networks Junos OS device may allow an authenticated J-web user to read files with 'world' readable permission and delete files with 'world' writeable permission. This issue does not affect system files that can be accessed only by root user. This issu...

CVE-2020-1606 Junos OS: Path traversal vulnerability in J-Web

A path traversal vulnerability in the Juniper Networks Junos OS device may allow an authenticated J-web user to read files with 'world' readable permission and delete files with 'world' writeable permission. This issue does not affect system files that can be accessed only by root user. This issu...

Design/Logic Flaw

On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device...

CVE-2019-0069 Junos OS: vSRX, SRX1500, SRX4K, ACX5K, EX4600, QFX5100, QFX5110, QFX5200, QFX10K and NFX Series: console management port device authentication credentials are logged in clear text

On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device...

CVE-2018-0045

Receipt of a specific Draft-Rosen MVPN control packet may cause the routing protocol daemon RPD process to crash and restart or may lead to remote code execution. By continuously sending the same specific Draft-Rosen MVPN control packet, an attacker can repeatedly crash the RPD process causing a...

CVE-2018-0061 Junos OS: Denial of service in telnetd

A denial of service vulnerability in the telnetd service on Junos OS allows remote unauthenticated users to cause high CPU usage which may affect system performance. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D81 on SRX Series; 12.3 versions prior to...

CVE-2018-0052 Junos OS: Unauthenticated remote root access possible when RSH service is enabled

If RSH service is enabled on Junos OS and if the PAM authentication is disabled, a remote unauthenticated attacker can obtain root access to the device. RSH service is disabled by default on Junos. There is no documented CLI command to enable this service. However, an undocumented CLI command...

CVE-2018-0060 Junos OS: Invalid IP/mask learned from DHCP server might cause device control daemon (dcd) process crash

An improper input validation weakness in the device control daemon process dcd of Juniper Networks Junos OS allows an attacker to cause a Denial of Service to the dcd process and interfaces and connected clients when the Junos device is requesting an IP address for itself. Junos devices are not...

CVE-2018-0035

QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53-D31, 15.1X53-D32, 15.1X53-D33 and 15.1X53-D60 or have been upgraded to these releases using the .bin or .iso images may contain an unintended additional Open Network Install Environment ONIE...

Design/Logic Flaw

QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53-D31, 15.1X53-D32, 15.1X53-D33 and 15.1X53-D60 or have been upgraded to these releases using the .bin or .iso images may contain an unintended additional Open Network Install Environment ONIE...

CVE-2018-0035

QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53-D31, 15.1X53-D32, 15.1X53-D33 and 15.1X53-D60 or have been upgraded to these releases using the .bin or .iso images may contain an unintended additional Open Network Install Environment ONIE...

Junos OS: QFX5200 and QFX10002: Unintended ONIE partition was shipped with certain Junos OS .bin and .iso images

QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53-D31, 15.1X53-D32, 15.1X53-D33 and 15.1X53-D60 or have been upgraded to these releases using the .bin or .iso images may contain an unintended additional Open Network Install Environment ONIE...

CVE-2018-0035

CVE-2018-0035 affects Juniper QFX5200 and QFX10002 devices shipped with Junos OS 15.1X53-D21 through -D60 (and upgrades to these releases) that may include an unintended extra ONIE partition. This partition enables the superuser to reboot into ONIE, wiping the Junos partition and its configuratio...

CVE-2018-0035 Junos OS: QFX5200 and QFX10002: Unintended ONIE partition was shipped with certain Junos OS .bin and .iso images

QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53-D31, 15.1X53-D32, 15.1X53-D33 and 15.1X53-D60 or have been upgraded to these releases using the .bin or .iso images may contain an unintended additional Open Network Install Environment ONIE...

CVE-2017-2341

An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Jun...

Authentication flaw

An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Jun...