Junos Os Evolved Security Vulnerabilities and Issues — Junos Os Evolved CVE List

Lucene search

JuniperJunos Os Evolved

14 matches found

CVE•added 2021/10/19 7:15 p.m.•71 views

CVE-2021-31362

A Protection Mechanism Failure vulnerability in RPD (routing protocol daemon) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause established IS-IS adjacencies to go down by sending a spoofed hello PDU leading to a Denial of Service (DoS) condition...

6.5CVSS6.4AI score0.00084EPSS

CVE•added 2021/10/19 7:15 p.m.•66 views

CVE-2021-31363

In an MPLS P2MP environment a Loop with Unreachable Exit Condition vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause high load on RPD which in turn may lead to routing protocol flaps. If a system...

6.5CVSS6.4AI score0.00081EPSS

CVE•added 2021/10/19 7:15 p.m.•65 views

CVE-2021-31350

An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the...

9CVSS8AI score0.00342EPSS

CVE•added 2021/10/19 7:15 p.m.•64 views

CVE-2021-31354

An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager) may allow an attacker to cause a partial Denial of Service (DoS), or ...

8.8CVSS8AI score0.00279EPSS

CVE•added 2021/10/19 7:15 p.m.•62 views

CVE-2021-31360

An improper privilege management vulnerability in the Juniper Networks Junos OS and Junos OS Evolved command-line interpreter (CLI) allows a low-privileged user to overwrite local files as root, possibly leading to a system integrity issue or Denial of Service (DoS). Depending on the files overwrit...

7.1CVSS6.9AI score0.00116EPSS

CVE•added 2021/10/19 7:15 p.m.•59 views

CVE-2021-31383

In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Junipe...

7.5CVSS7.7AI score0.00463EPSS

CVE•added 2021/10/19 7:15 p.m.•57 views

CVE-2021-31359

A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to cause the Juniper DHCP daemon (jdhcpd) process to crash, resulting in a Denial of Service (DoS), or execute arbitrary commands as root. Continued processing of malicio...

7.8CVSS8.1AI score0.00085EPSS

CVE•added 2021/10/19 7:15 p.m.•54 views

CVE-2021-0297

A vulnerability in the processing of TCP MD5 authentication in Juniper Networks Junos OS Evolved may allow a BGP or LDP session configured with MD5 authentication to succeed, even if the peer does not have TCP MD5 authentication enabled. This could lead to untrusted or unauthorized sessions being e...

6.5CVSS6.5AI score0.00184EPSS

CVE•added 2021/10/19 7:15 p.m.•53 views

CVE-2021-31353

An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). Continued receipt and processing o...

7.5CVSS7.5AI score0.0041EPSS

CVE•added 2021/10/19 7:15 p.m.•47 views

CVE-2021-31356

A command injection vulnerability in command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The vulnerability allows an at...

7.8CVSS8AI score0.00423EPSS

CVE•added 2021/10/19 7:15 p.m.•46 views

CVE-2021-31357

A command injection vulnerability in tcpdump command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The vulnerability allo...

7.8CVSS8AI score0.00125EPSS

CVE•added 2021/10/19 7:15 p.m.•46 views

CVE-2021-31374

On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE or KEEPALIVE message can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this message will create a sustained Denial o...

7.5CVSS7.5AI score0.00389EPSS

CVE•added 2021/10/19 7:15 p.m.•44 views

CVE-2021-0298

A Race Condition in the 'show chassis pic' command in Juniper Networks Junos OS Evolved may allow an attacker to crash the port interface concentrator daemon (picd) process on the FPC, if the command is executed coincident with other system events outside the attacker's control, leading to a Denial...

4.7CVSS4.9AI score0.00033EPSS

CVE•added 2021/10/19 7:15 p.m.•44 views

CVE-2021-31358

A command injection vulnerability in sftp command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The vulnerability allows ...

7.8CVSS8AI score0.00125EPSS