Junos Os Evolved@20.3 Security Vulnerabilities and Issues — Junos Os Evolved@20.3 CVE List

Lucene search

JuniperJunos Os Evolved20.3

14 matches found

CVE•added 2021/07/15 8:15 p.m.•202 views

CVE-2021-0286

A vulnerability in the handling of exceptional conditions in Juniper Networks Junos OS Evolved (EVO) allows an attacker to send specially crafted packets to the device, causing the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) process to crash and restart, impacting all tra...

7.8CVSS7.5AI score0.00153EPSS

CVE•added 2021/07/15 8:15 p.m.•95 views

CVE-2021-0291

An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. A high rate of spe...

6.5CVSS6.2AI score0.00285EPSS

CVE•added 2021/01/15 6:15 p.m.•92 views

CVE-2021-0211

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon (RPD) service allows an attacker to send a valid BGP FlowSpec message thereby causing an unexpected change in the route advertisements within the BGP FlowSpec domain lea...

10CVSS9.4AI score0.00389EPSS

CVE•added 2021/10/19 7:15 p.m.•66 views

CVE-2021-31363

In an MPLS P2MP environment a Loop with Unreachable Exit Condition vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause high load on RPD which in turn may lead to routing protocol flaps. If a system...

6.5CVSS6.4AI score0.00081EPSS

CVE•added 2021/10/19 7:15 p.m.•65 views

CVE-2021-31350

An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the...

9CVSS8AI score0.00342EPSS

CVE•added 2021/10/19 7:15 p.m.•64 views

CVE-2021-31354

An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager) may allow an attacker to cause a partial Denial of Service (DoS), or ...

8.8CVSS8AI score0.00279EPSS

CVE•added 2021/10/19 7:15 p.m.•59 views

CVE-2021-31383

In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Junipe...

7.5CVSS7.7AI score0.00463EPSS

CVE•added 2021/07/15 8:15 p.m.•58 views

CVE-2021-0287

In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of a ISIS link in the network, can lead to a routing process daemon (RPD) crash and restar...

6.5CVSS6.4AI score0.00076EPSS

CVE•added 2021/10/19 7:15 p.m.•54 views

CVE-2021-0297

A vulnerability in the processing of TCP MD5 authentication in Juniper Networks Junos OS Evolved may allow a BGP or LDP session configured with MD5 authentication to succeed, even if the peer does not have TCP MD5 authentication enabled. This could lead to untrusted or unauthorized sessions being e...

6.5CVSS6.5AI score0.00184EPSS

CVE•added 2021/04/22 8:15 p.m.•51 views

CVE-2021-0264

A vulnerability in the processing of traffic matching a firewall filter containing a syslog action in Juniper Networks Junos OS on MX Series with MPC10/MPC11 cards installed, PTX10003 and PTX10008 Series devices, will cause the line card to crash and restart, creating a Denial of Service (DoS). Con...

7.5CVSS6.4AI score0.00241EPSS

CVE•added 2021/10/19 7:15 p.m.•46 views

CVE-2021-31374

On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE or KEEPALIVE message can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this message will create a sustained Denial o...

7.5CVSS7.5AI score0.00389EPSS

CVE•added 2021/04/22 8:15 p.m.•43 views

CVE-2021-0259

Due to a vulnerability in DDoS protection in Juniper Networks Junos OS and Junos OS Evolved on QFX5K Series switches in a VXLAN configuration, instability might be experienced in the underlay network as a consequence of exceeding the default ddos-protection aggregate threshold. If an attacker on a ...

7.4CVSS7.2AI score0.00107EPSS

CVE•added 2021/04/22 8:15 p.m.•39 views

CVE-2021-0226

On Juniper Networks Junos OS Evolved devices, receipt of a specific IPv6 packet may cause an established IPv6 BGP session to terminate, creating a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue...

7.5CVSS7.2AI score0.00536EPSS

CVE•added 2021/04/22 8:15 p.m.•31 views

CVE-2021-0225

An Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS Evolved may cause the stateless firewall filter configuration which uses the action 'policer' in certain combinations with other options to not take effect. An administrator can use the following CLI command to see...

5.8CVSS5.8AI score0.00187EPSS