231 matches found
CVE-2023-22413
CVE-2023-22413 affects Juniper Networks Junos OS on MX Series with MS-MPC or MS-MIC, where an IPsec6 tunnel can trigger the Multiservices PIC Management Daemon (mspmand) to core and restart when processing specific IPv4 packets. This causes an FPC crash and impacts traffic while mspmand restarts,...
CVE-2022-22221
CVE-2022-22221 affects Juniper Networks Junos OS on SRX/EX Series via the download manager. The root cause is an Improper Neutralization of Special Elements in the download functionality, enabling a locally authenticated attacker with low privileges to gain full control of the device. Impact is s...
CVE-2024-30382
Juniper Networks Junos OS and Junos OS Evolved are affected by CVE-2024-30382 via an Improper Handling of Exceptional Conditions in the routing protocol daemon (rpd). A network-based, unauthenticated attacker can trigger a specific routing update when CB F (CoS-based forwarding) is configured wit...
CVE-2024-30397
CVE-2024-30397 affects Juniper Networks Junos OS, specifically the pkid daemon responsible for certificate verification. An improper check for unusual or exceptional conditions allows an unauthenticated network attacker to trigger a DoS by causing pkid to consume CPU and become unresponsive, brea...
CVE-2025-21597
CVE-2025-21597 covers an issue in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. When BGP rib-sharding and update-threading are configured, a remote, unauthenticated, logically adjacent BGP peer can cause rpd to crash and restart via a specific timing of peer...
CVE-2022-22217
CVE-2022-22217 affects Juniper Junos OS on QFX10K Series switches (QFX10002/10008/10016). The root cause is an improper check that allows malformed MLD packets looping on a multi-homed ESI with VXLAN to be forwarded back to the peer, violating split horizon and causing a Denial of Service. Affect...
CVE-2022-22220
The CVE-2022-22220 issue is a TOCTOU race condition in Juniper Junos OS/rpd that can crash the process when a BGP flow route with a redirect IP is received while the next-hop reachability is flapping, enabling a network-based DoS. Affected software includes Junos OS and Junos OS Evolved across li...
CVE-2023-22394
Summary of CVE-2023-22394 — Junos OS SRX/MX SIP ALG memory leak (DoS) The vulnerability arises in Juniper Networks Junos OS when handling SIP calls with SIP ALG enabled, causing a memory leak that can degrade or disrupt SIP call processing and related applications. Affected products include Junos...
CVE-2024-30384
CVE-2024-30384 concerns Juniper Networks Junos OS on the EX4300 Series. The issue is an improper check for unusual or exceptional conditions in the Packet Forwarding Engine (PFE) that lets a locally authenticated user with low privileges trigger a PFE crash by issuing a specific CLI command. The ...
CVE-2024-39561
CVE-2024-39561 affects Juniper Junos OS on SRX4600/SRX5000 Series. The vulnerability stems from an improper check in the flow daemon (flowd) that can allow TCP packets with SYN/FIN or SYN/RST flags to bypass the intended block when no-syn-check and Express Path are enabled, causing such packets t...
CVE-2025-30653
CVE-2025-30653 describes an Expired Pointer Dereference in Juniper Networks Junos OS and Junos OS Evolved RPD (Routing Protocol Daemon). When an MPLS LSP is configured with node-link-protection and transport-class and an LSP flaps, rpd can crash and restart, causing a Denial of Service. Affected ...
CVE-2024-39529
CVE-2024-39529 describes a Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Junos OS on SRX Series, allowing an unauthenticated, network-based attacker to cause a DoS. Affected Junos OS versions include: prior to 21.4R3-S6; 22.2 before 22.2R3-S3; 2...
CVE-2025-30658
CVE-2025-30658 affects Junos OS on SRX Series with Anti-Virus enabled. A memory leak in the Anti-Virus jbufs is triggered by certain HTTP responses, enabling an unauthenticated, network-based attacker to cause a DoS by exhausting jbuf memory and halting transit traffic. Affected versions (per Jun...
CVE-2022-22201
CVE-2022-22201 affects Juniper Networks Junos OS on SRX5000/SRX4000/vSRX with PowerMode IPsec. The Packet Forwarding Engine (PFE) crashes when receiving a malformed ESP packet that matches an established IPsec tunnel, due to improper validation of index/position/offset in input. Impact is Denial ...
CVE-2022-22216
CVE-2022-22216 is a memory-disclosure vulnerability in Juniper Junos OS PFE affecting PTX1000/10000 Series and QFX10000/PTX5000 Series. The root cause is Etherleak: some Ethernet frames are not reliably padded, allowing an adjacent attacker to read fragments of system memory or data from previous...
CVE-2023-22405
CVE-2023-22405 describes a DoS in Juniper Networks Junos OS caused by an improper preservation of consistency between independent representations of shared state in the Packet Forwarding Engine (PFE). When devices run with service-provider/SP style switching and MAC limiting on an Aggregated Ethe...
CVE-2022-22214
CVE-2022-22214 describes an improper input validation in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved. An adjacent attacker can trigger a specific transit IPv6 packet over MPLS that causes an FPC to crash and reboot, with continued receipt leading to a sust...
CVE-2022-22246
CVE-2022-22246 is a PHP Local File Inclusion vulnerability in the J-Web component of Juniper Networks Junos OS. A low-privileged authenticated attacker could include and execute an untrusted PHP file stored on the server, potentially leading to a complete system compromise when chained with other...
CVE-2024-39511
The CVE-2024-39511 entry concerns Juniper Networks Junos OS: an improper input validation vulnerability in the 802.1X Authentication (dot1x) Daemon. When an operator runs a specific dot1x command, the dot1x daemon may crash, causing a Denial of Service that clears all 802.1x client authentication...
CVE-2024-39543
CVE-2024-39543 affects Juniper Networks Junos OS and Junos OS Evolved. The root cause is a buffer copy without input size validation in the routing protocol daemon (rpd), which allows an unauthenticated adjacent attacker to send crafted RPKI-RTR packets, crashing rpd and causing a DoS. Affected r...
CVE-2022-22218
On SRX Series devices running Junos OS, CVE-2022-22218 describes an improper check during CMPv2 auto re-enrollment that allows a network-based, unauthenticated attacker to trigger a Denial of Service by crashing the pkid process. The issue affects Junos OS on SRX Series across multiple releases (...
CVE-2022-22243
CVE-2022-22243 is an XPath Injection vulnerability in Juniper Networks Junos OS J-Web component. It enables an authenticated attacker to add an XPath command to the XPath stream, potentially chaining to other unspecified vulnerabilities and causing partial loss of confidentiality. Affected softwa...
CVE-2023-22410
The CVE-2023-22410 entry affects Juniper Networks Junos OS on MX Series with MPC10/MPC11 line cards. The issue is a memory leak in AftDdosScfdFlow caused by enabling Suspicious Control Flow Detection (scfd); when attackers send specific traffic, memory is allocated dynamically and not freed, lead...
CVE-2024-21594
CVE-2024-21594 affects Juniper Networks Junos OS on the SRX 5000 Series. It is a heap-based buffer overflow in the Network Services Daemon (NSD) that, when a specific command is repeatedly executed, can corrupt memory and cause a crash of the Flow Processing Daemon (flowd), requiring an NSD resta...
CVE-2024-39515
CVE-2024-39515 affects Juniper Junos OS and Junos OS Evolved when BGP traceoptions are enabled. An unauthenticated network-based attacker can send a specifically malformed BGP packet to cause the routing protocol daemon (rpd) to crash and restart, producing a Denial of Service. Sustained processi...
CVE-2022-22242
CVE-2022-22242 is a reflected Cross-site Scripting (XSS) vulnerability in Juniper Networks Junos OS, specifically in the J-Web component. An unauthenticated attacker can cause malicious scripts to be reflected off J-Web into the victim’s browser within the J-Web session, potentially compromising ...
CVE-2023-22395
CVE-2023-22395 describes a Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS. An unauthenticated, adjacent attacker can cause a Denial of Service by sending specific MPLS-scoped packets to an IRB interface, triggering a buffer (mbuf) leak. Sustained tra...
CVE-2023-36841
CVE-2023-36841 affects Juniper Networks Junos OS on MX Series with PPPoE-configured interfaces (tcp-mss enabled). An unauthenticated network attacker sending malformed TCP traffic can trigger an infinite loop in the Packet Forwarding Engine (PFE), leading to DoS as resources are exhausted and a m...
CVE-2023-44188
CVE-2023-44188 is a TOCTOU race condition in Juniper Networks Junos OS telemetry processing that can cause the jkdsd daemon to crash and trigger DoS when multiple telemetry requests are sent from different collectors. Affected Junos OS versions span 20.4R3-S9 and earlier (various 21.x, 22.x, 23.1...
CVE-2024-30394
CVE-2024-30394 affects Junos OS and Junos OS Evolved. It is a Stack-based Buffer Overflow in the Routing Protocol Daemon (RPD) triggered when EVPN is configured and a specific EVPN type-5 route is learned via BGP, causing an unauthenticated network-based attacker to crash rpd and induce DoS. Affe...
CVE-2024-39516
CVE-2024-39516 is an Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. An unauthenticated network attacker can send a specially malformed BGP packet to cause rpd to crash and restart, producing a DoS. The issue affects iBGP/eB...
CVE-2022-22162
CVE-2022-22162 affects Juniper Networks Junos OS. The issue is a Information Disclosure/Privilege Elevation vulnerability in the CLI where a locally authenticated, low-privilege user can elevate privileges to the highest J-Web user, potentially leading to full device compromise. Affected {Juniper...
CVE-2022-22173
CVE-2022-22173 describes a memory leak in Juniper Networks Junos OS PKI daemon (pkid) when a CRL download fails, causing unauthenticated networked DoS by exhausting memory over time. Affected are Junos OS versions prior to specific revisions across 18.3R3-S6, 18.4 (R2-S9, R3-S10), 19.1 (R2-S3, R3...
CVE-2022-22234
Summary (CVE-2022-22234) An Improper Preservation of Consistency Between Independent Representations of Shared State in the Packet Forwarding Engine (PFE) of Juniper Junos OS can cause a DoS when the device is very busy, e.g., during CLI show commands, potentially marking SFPs as unplugged and af...
CVE-2025-30648
Summary: CVE-2025-30648 affects Juniper Networks Junos OS and Junos OS Evolved. An Improper Input Validation in the Juniper DHCP Daemon (jdhcpd) allows an unauthenticated, adjacent attacker to crash the jdhcpd when it receives a specifically malformed DHCP packet, causing a Denial of Service (DoS...
CVE-2022-22245
CVE-2022-22245 is a path traversal flaw in the J-Web component of Juniper Networks Junos OS that allows an authenticated, remote attacker to upload arbitrary files by bypassing validation, potentially compromising filesystem integrity. Affected versions range up to the listed fixed releases (e.g....
CVE-2023-22392
CVE-2023-22392 describes a memory-leak DoS in Juniper Junos OS PFE caused by missing release of memory after its effective lifetime. Affected devices include PTX3000/PTX5000/QFX10000 and PTX1000/10002/10004/10008/10016 with LC110x LC… FPCs (and LC110x variants) and cover multiple older Junos rele...
CVE-2024-21619
CVE-2024-21619 describes a vulnerability in Juniper Networks Junos OS on SRX and EX series where an unauthenticated attacker can access sensitive configuration information via the J-Web interface. The root cause is a Missing Authentication for a Critical Function combined with a Generation of Err...
CVE-2024-39558
CVE-2024-39558 affects Junos OS and Junos OS Evolved. An Unchecked Return Value in Routing Protocol Daemon (rpd) can be triggered by a specific PIM packet when MoFRR is configured, causing rpd to crash and reboot and leading to DoS. Impact is confirmed on multiple Junos OS/Junos OS Evolved versio...
CVE-2023-22391
CVE-2023-22391 affects Juniper Networks Junos OS on ACX2K Series. The issue is a class-of-service (CoS) queue management flaw that misroutes specific high-priority traffic (BGP, PIM, ICMP/ICMPv6 ND, ISAKMP) into a queue, enabling an unauthenticated network-based attacker to cause a DoS by sustain...
CVE-2023-22406
CVE-2023-22406 affects Juniper Networks Junos OS and Junos OS Evolved. It is a memory-leak/DoS issue in the kernel that manifests when a peer interface flaps in a Segment Routing scenario using OSPF, causing continuous memory growth in rpd and eventual rpd crash. Affected versions include Junos O...
CVE-2023-44203
CVE-2023-44203 affects Juniper Junos OS Packet Forwarding Engine (pfe) on QFX5000 Series and EX2300/EX3400/EX4100/EX4400/EX4600. Affected condition: an IGMP-specific packet in an isolated VLAN can be duplicated to all ports in the primary VLAN, causing packet flooding and a DoS. Affected platform...
CVE-2024-39514
CVE-2024-39514 affects Junos OS and Junos OS Evolved. An attacker—adjacent, unauthenticated—can trigger a crash of the Routing Protocol Daemon (rpd) by sending specific traffic on devices with EVPN-VPWS and IGMP-snooping enabled, causing a DoS. Affected ranges are listed per release: Junos OS ver...
CVE-2024-39528
CVE-2024-39528 — AUse After Free in Juniper Junos OS/Junos OS Evolved Routing Protocol Daemon (rpd) causes a segmentation fault on a specific sequence (routing-instance deactivation + SNMP request), leading to rpd crash and DoS. Affected: Junos OS and Junos OS Evolved. Reported vulnerable version...
CVE-2025-30655
CVE-2025-30655 affects Juniper Networks Junos OS and Junos OS Evolved. The issue is in the Routing Protocol Daemon (rpd) and causes a local, low-privileged attacker to trigger a Denial-of-Service by running the CLI command "show bgp neighbor" when BGP RIB sharding and update-threading are enabled...
CVE-2022-22244
CVE-2022-22244 affects Juniper Networks Junos OS in the J-Web component. An unauthenticated attacker can send a crafted POST to reach the XPath channel, potentially chaining to other vulnerabilities and causing a partial loss of confidentiality. Affected Junos OS versions range broadly from befor...
CVE-2023-44198
CVE-2023-44198 affects Juniper Networks Junos OS SIP ALG on SRX Series and MX Series. The vulnerability stems from an improper check for unusual or exceptional conditions, enabling an unauthenticated, network-based attacker to cause an integrity impact in connected networks. When SIP ALG is enabl...
CVE-2023-44199
CVE-2023-44199 is a vulnerability in Juniper Networks Junos OS on MX Series where an improper check in the Packet Forwarding Engine (PFE) can be triggered by network-based, unauthenticated attackers to cause a Denial of Service via prolonged routing churn when PTP is configured. Affected MX Serie...
CVE-2022-22202
The CVE concerns Juniper Networks Junos OS on PTX Series (including PTX1000, PTX3000 NextGen, PTX5000, PTX10002-60C, PTX10008, PTX10016). It is an improper handling of exceptional conditions that allows an unauthenticated MPLS-based attacker to trigger a DoS by crashing the dcpfe process and rest...
CVE-2022-22224
The CVE-2022-22224 issue affects Juniper Networks Junos OS and Junos OS Evolved, where processing a malformed OSPF TLV can cause the periodic packet management daemon (PPMD) to enter an infinite loop. This unblocks an unauthenticated adjacent attacker to induce a DoS by affecting OSPF neighbor re...