Lucene search

K

67 matches found

CVE
CVE
added 2023/07/14 6:15 p.m.42 views

CVE-2023-36840

A Reachable Assertion vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a locally-based, low-privileged attacker to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved, when a specific L2VPN command is run, RPD will crash and r...

5.5CVSS5.5AI score0.00069EPSS
CVE
CVE
added 2023/10/13 12:15 a.m.42 views

CVE-2023-44178

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affect...

5.5CVSS5.8AI score0.00058EPSS
CVE
CVE
added 2024/07/10 11:15 p.m.42 views

CVE-2024-39555

An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sending a specific malformed BGP update message to cause the session to reset, resulting in a Denial of Service (DoS). Continued rec...

8.7CVSS7.7AI score0.01835EPSS
CVE
CVE
added 2023/10/11 10:15 p.m.41 views

CVE-2023-44189

An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10003 Series allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to thi...

6.1CVSS5.7AI score0.00006EPSS
CVE
CVE
added 2023/10/11 10:15 p.m.41 views

CVE-2023-44190

An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016 devices allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to...

6.1CVSS5.7AI score0.0001EPSS
CVE
CVE
added 2024/07/10 11:15 p.m.41 views

CVE-2024-39557

An Uncontrolled Resource Consumption vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a memory leak, eventually exhausting all system memory, leading to a system crash and Denial of Service (DoS)....

7.1CVSS6.6AI score0.00229EPSS
CVE
CVE
added 2023/10/11 9:15 p.m.40 views

CVE-2023-44187

An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. These credentials can then be used to provide unauthorized access to the remote system. This...

5.9CVSS5.6AI score0.00038EPSS
CVE
CVE
added 2020/04/08 8:15 p.m.39 views

CVE-2020-1622

A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via the EvoSharedObjStore. This issue affects all versions of Junos OS Evolved prior to 19.1R1.

5.5CVSS5.4AI score0.00129EPSS
CVE
CVE
added 2020/04/08 8:15 p.m.39 views

CVE-2020-1624

A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via raw objmon configuration files. This issue affects all versions of Junos OS Evolved prior to 19.1R1.

5.5CVSS5.4AI score0.00119EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.39 views

CVE-2023-28973

An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks Junos OS Evolved allows a local, authenticated attacker to execute administrative commands that could impact the integrity of the system or system availability. Administrative functions such as daemon resta...

7.1CVSS7.2AI score0.00031EPSS
CVE
CVE
added 2020/04/08 8:15 p.m.38 views

CVE-2020-1623

A local, authenticated user with shell can view sensitive configuration information via the ev.ops configuration file. This issue affects all versions of Junos OS Evolved prior to 19.2R1.

5.5CVSS5.2AI score0.00053EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.37 views

CVE-2023-28966

An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS Evolved allows a low-privileged local attacker with shell access to modify existing files or execute commands as root. The issue is caused by improper file and directory permissions on certain system files, allowing an atta...

7.8CVSS7.6AI score0.00027EPSS
CVE
CVE
added 2023/10/13 12:15 a.m.37 views

CVE-2023-44196

An Improper Check for Unusual or Exceptional Conditions in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS Evolved on PTX10003 Series allows an unauthenticated adjacent attacker to cause an impact to the integrity of the system. When specific transit MPLS packets are received by the...

6.5CVSS5.8AI score0.00102EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.36 views

CVE-2022-22240

An Allocation of Resources Without Limits or Throttling and a Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated low privileged attacker to cause a Denial of Sevice (D...

5.5CVSS5.6AI score0.00055EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.33 views

CVE-2023-28978

An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to read certain confidential information. In the default configuration it is possible to read confidential information about locally configured (admini...

5.3CVSS5.1AI score0.00277EPSS
CVE
CVE
added 2023/07/14 6:15 p.m.33 views

CVE-2023-36836

A Use of an Uninitialized Resource vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, in a Multicast only ...

4.7CVSS4.8AI score0.00051EPSS
CVE
CVE
added 2024/01/12 1:15 a.m.26 views

CVE-2024-21612

An Improper Handling of Syntactically Invalid Structure vulnerability in Object Flooding Protocol (OFP) service of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On all Junos OS Evolved platforms, when specific TCP packets are...

7.5CVSS7.4AI score0.00187EPSS
Total number of security vulnerabilities67