Lucene search

K
JuniperJunos18.3

190 matches found

CVE
CVE
added 2021/10/19 7:15 p.m.60 views

CVE-2021-31361

An Improper Check for Unusual or Exceptional Conditions vulnerability combined with Improper Handling of Exceptional Conditions in Juniper Networks Junos OS on QFX Series and PTX Series allows an unauthenticated network based attacker to cause increased FPC CPU utilization by sending specific IP pa...

5.3CVSS5.2AI score0.00458EPSS
CVE
CVE
added 2022/01/19 1:15 a.m.60 views

CVE-2022-22174

A vulnerability in the processing of inbound IPv6 packets in Juniper Networks Junos OS on QFX5000 Series and EX4600 switches may cause the memory to not be freed, leading to a packet DMA memory leak, and eventual Denial of Service (DoS) condition. Once the condition occurs, further packet processin...

7.5CVSS7.7AI score0.00389EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.59 views

CVE-2021-0252

NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process. This issue affects Juniper Networks Junos OS on NFX Series: 18.1 version 18.1R1 ...

7.8CVSS7.8AI score0.00165EPSS
CVE
CVE
added 2019/10/09 8:15 p.m.58 views

CVE-2019-0056

This issue only affects devices with three (3) or more MPC10's installed in a single chassis with OSPF enabled and configured on the device. An Insufficient Resource Pool weakness allows an attacker to cause the device's Open Shortest Path First (OSPF) states to transition to Down, resulting in a D...

7.5CVSS7.5AI score0.00389EPSS
CVE
CVE
added 2019/10/09 8:15 p.m.58 views

CVE-2019-0065

On MX Series, when the SIP ALG is enabled, receipt of a certain malformed SIP packet may crash the MS-PIC component on MS-MIC or MS-MPC. By continuously sending a crafted SIP packet, an attacker can repeatedly bring down MS-PIC on MS-MIC/MS-MPC causing a sustained Denial of Service. This issue affe...

7.5CVSS6.1AI score0.00277EPSS
CVE
CVE
added 2019/10/09 8:15 p.m.58 views

CVE-2019-0068

The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repeatedly crash the flowd process causing a sustained Denial of Service. This issue affects Juniper Ne...

7.5CVSS7AI score0.00277EPSS
CVE
CVE
added 2020/01/15 9:15 a.m.58 views

CVE-2020-1606

A path traversal vulnerability in the Juniper Networks Junos OS device may allow an authenticated J-web user to read files with 'world' readable permission and delete files with 'world' writeable permission. This issue does not affect system files that can be accessed only by root user. This issue ...

8.1CVSS6.5AI score0.00319EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.58 views

CVE-2021-31369

On MX Series platforms with MS-MPC/MS-MIC, an Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated network attacker to cause a partial Denial of Service (DoS) with a high rate of specific traffic. If a Class of Service (CoS) rule ...

5.3CVSS5.1AI score0.00268EPSS
CVE
CVE
added 2022/01/19 1:15 a.m.58 views

CVE-2022-22154

In a Junos Fusion scenario an External Control of Critical State Data vulnerability in the Satellite Device (SD) control state machine of Juniper Networks Junos OS allows an attacker who is able to make physical changes to the cabling of the device to cause a denial of service (DoS). An SD can get ...

6.8CVSS6.4AI score0.00049EPSS
CVE
CVE
added 2022/01/19 1:15 a.m.58 views

CVE-2022-22173

A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service (DoS). In a scenario where Public Key Infrastructure (PKI) is used in combination wi...

7.5CVSS7.5AI score0.00285EPSS
CVE
CVE
added 2022/07/20 3:15 p.m.58 views

CVE-2022-22214

An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent attacker to cause a PFE crash and thereby a Denial of Service (DoS). An FPC will crash and reboot after receiving a specific transit IPv6 packet over...

6.5CVSS6.3AI score0.00067EPSS
CVE
CVE
added 2021/07/15 8:15 p.m.57 views

CVE-2021-0285

An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large amounts of legitimate traffic destined to the device to cause Interchassis Control Protocol (ICCP) interruptions, leading to an unstable cont...

7.5CVSS7.3AI score0.00389EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.57 views

CVE-2021-31359

A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to cause the Juniper DHCP daemon (jdhcpd) process to crash, resulting in a Denial of Service (DoS), or execute arbitrary commands as root. Continued processing of malicio...

7.8CVSS8.1AI score0.00085EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.57 views

CVE-2021-31385

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in J-Web of Juniper Networks Junos OS allows any low-privileged authenticated attacker to elevate their privileges to root. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S1...

8.8CVSS8.6AI score0.00709EPSS
CVE
CVE
added 2022/07/20 3:15 p.m.57 views

CVE-2022-22216

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the PFE of Juniper Networks Junos OS on PTX Series and QFX10k Series allows an adjacent unauthenticated attacker to gain access to sensitive information. PTX1000 and PTX10000 Series, and QFX10000 Series and PTX5000 Serie...

4.3CVSS5AI score0.03606EPSS
CVE
CVE
added 2021/07/15 8:15 p.m.56 views

CVE-2021-0282

On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this UPDATE message will create a sustained Denial o...

7.5CVSS7.5AI score0.00367EPSS
CVE
CVE
added 2020/04/09 11:15 p.m.55 views

CVE-2020-1633

Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway (BNG) and reach the EVPN leaf node, causing a stale MAC address entry. This could cause legitimate traffic to be discarded, le...

7.4CVSS6.6AI score0.00107EPSS
CVE
CVE
added 2020/10/16 9:15 p.m.55 views

CVE-2020-1660

When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may crash, causing the ...

9.9CVSS9AI score0.00287EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.55 views

CVE-2021-0258

A vulnerability in the forwarding of transit TCPv6 packets received on the Ethernet management interface of Juniper Networks Junos OS allows an attacker to trigger a kernel panic, leading to a Denial of Service (DoS). Continued receipt and processing of these transit packets will create a sustained...

7.1CVSS5.5AI score0.00202EPSS
CVE
CVE
added 2021/07/15 8:15 p.m.55 views

CVE-2021-0280

Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS (Distributed Denial of Servic...

7.5CVSS7.4AI score0.00389EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.55 views

CVE-2021-31377

An Incorrect Permission Assignment for Critical Resource vulnerability of a certain file in the filesystem of Junos OS allows a local authenticated attacker to cause routing process daemon (RPD) to crash and restart, causing a Denial of Service (DoS). Repeated actions by the attacker will create a ...

5.5CVSS5.3AI score0.00034EPSS
CVE
CVE
added 2022/01/19 1:15 a.m.55 views

CVE-2022-22162

A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to elevate these to the level of any other user logged in via J-Web at this time, potential leading to a full compromise o...

7.8CVSS7.2AI score0.00127EPSS
CVE
CVE
added 2019/04/10 8:29 p.m.54 views

CVE-2019-0035

When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as expected. However, the root password can be changed using "set system root-authentication plain-text-password" on systems booted from an OAM (Operations, Administration, and Maintenance) volume, leading to...

7.2CVSS6.7AI score0.00039EPSS
CVE
CVE
added 2020/04/08 8:15 p.m.54 views

CVE-2020-1637

A vulnerability in Juniper Networks SRX Series device configured as a Junos OS Enforcer device may allow a user to access network resources that are not permitted by a UAC policy. This issue might occur when the IP address range configured in the Infranet Controller (IC) is configured as an IP addr...

7.2CVSS6.6AI score0.00186EPSS
CVE
CVE
added 2020/07/17 7:15 p.m.54 views

CVE-2020-1645

When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may crash, causing the ...

8.3CVSS8.3AI score0.0027EPSS
CVE
CVE
added 2020/10/16 9:15 p.m.54 views

CVE-2020-1657

On SRX Series devices, a vulnerability in the key-management-daemon (kmd) daemon of Juniper Networks Junos OS allows an attacker to spoof packets targeted to IPSec peers before a security association (SA) is established thereby causing a failure to set up the IPSec channel. Sustained receipt of the...

7.5CVSS7.5AI score0.00389EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.54 views

CVE-2021-0263

A Data Processing vulnerability in the Multi-Service process (multi-svcs) on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service (DoS) condition . The...

5.9CVSS5.8AI score0.00312EPSS
CVE
CVE
added 2021/07/15 8:15 p.m.54 views

CVE-2021-0288

A vulnerability in the processing of specific MPLS packets in Juniper Networks Junos OS on MX Series and EX9200 Series devices with Trio-based MPCs (Modular Port Concentrators) may cause FPC to crash and lead to a Denial of Service (DoS) condition. Continued receipt of this packet will sustain the ...

6.5CVSS6.5AI score0.00081EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.53 views

CVE-2021-0234

Due to an improper Initialization vulnerability on Juniper Networks Junos OS QFX5100-96S devices with QFX 5e Series image installed, ddos-protection configuration changes will not take effect beyond the default DDoS (Distributed Denial of Service) settings when configured from the CLI. The DDoS pro...

5.8CVSS5.8AI score0.00268EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.53 views

CVE-2021-0238

When a MX Series is configured as a Broadband Network Gateway (BNG) based on Layer 2 Tunneling Protocol (L2TP), executing certain CLI command may cause the system to run out of disk space, excessive disk usage may cause other complications. An administrator can use the following CLI command to moni...

5.5CVSS5.5AI score0.00045EPSS
CVE
CVE
added 2021/07/15 8:15 p.m.53 views

CVE-2021-0281

On Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI) receipt of a specific packet from the RPKI cache server may cause routing process daemon (RPD) to crash and restart, creating a Denial of Service (DoS) condition. Continued rec...

7.5CVSS6.5AI score0.00277EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.53 views

CVE-2021-31364

An Improper Check for Unusual or Exceptional Conditions vulnerability combined with a Race Condition in the flow daemon (flowd) of Juniper Networks Junos OS on SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2 allows an unauthenticated network based attacker sending specific traff...

5.9CVSS6.1AI score0.00224EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.53 views

CVE-2021-31366

An Unchecked Return Value vulnerability in the authd (authentication daemon) of Juniper Networks Junos OS on MX Series configured for subscriber management / BBE allows an adjacent attacker to cause a crash by sending a specific username. This impacts authentication, authorization, and accounting (...

6.5CVSS6.4AI score0.0023EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.53 views

CVE-2021-31370

An Incomplete List of Disallowed Inputs vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an adjacent unauthenticated attacker which sends a high rate of specific multicast traffic to cause control traffic received from the netwo...

6.5CVSS6.4AI score0.00084EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.53 views

CVE-2021-31378

In broadband environments, including but not limited to Enhanced Subscriber Management, (CHAP, PPP, DHCP, etc.), on Juniper Networks Junos OS devices where RADIUS servers are configured for managing subscriber access and a subscriber is logged in and then requests to logout, the subscriber may be f...

7.5CVSS7AI score0.00275EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.53 views

CVE-2022-22226

In VxLAN scenarios on EX4300-MP, EX4600, QFX5000 Series devices an Uncontrolled Memory Allocation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated adjacently located attacker sending specific packets to cause a Denial of Service (DoS) condit...

6.5CVSS6.5AI score0.00087EPSS
CVE
CVE
added 2015/03/31 2:59 p.m.52 views

CVE-2014-9708

Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range: x=,".

5CVSS8.9AI score0.0451EPSS
CVE
CVE
added 2020/01/15 9:15 a.m.52 views

CVE-2020-1601

Certain types of malformed Path Computation Element Protocol (PCEP) packets when received and processed by a Juniper Networks Junos OS device serving as a Path Computation Client (PCC) in a PCEP environment using Juniper's path computational element protocol daemon (pccd) process allows an attacker...

7.5CVSS6.3AI score0.00405EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.52 views

CVE-2021-0253

NFX Series devices using Juniper Networks Junos OS are susceptible to a local command execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process. This issue affects Juniper Networks Junos OS on NFX Series 17.2 version 17.2R...

7.8CVSS7.7AI score0.00438EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.52 views

CVE-2021-31355

A persistent cross-site scripting (XSS) vulnerability in the captive portal graphical user interface of Juniper Networks Junos OS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow...

8CVSS5.8AI score0.00329EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.52 views

CVE-2021-31386

A Protection Mechanism Failure vulnerability in the J-Web HTTP service of Juniper Networks Junos OS allows a remote unauthenticated attacker to perform Person-in-the-Middle (PitM) attacks against the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S20; 15.1 vers...

5.9CVSS5.4AI score0.00148EPSS
CVE
CVE
added 2022/01/19 1:15 a.m.52 views

CVE-2022-22179

A Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial of Service (DoS). In a scenario where DHCP relay or local...

6.5CVSS6.5AI score0.00063EPSS
CVE
CVE
added 2020/01/15 9:15 a.m.51 views

CVE-2020-1608

Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge (BBE) service may trigger a kernel crash (vmcore), causing the device to reboot. The issue is specific to the processing of packets destined to BBE clients connected to MX Ser...

7.8CVSS7.4AI score0.00552EPSS
CVE
CVE
added 2020/04/08 8:15 p.m.51 views

CVE-2020-1618

On Juniper Networks EX and QFX Series, an authentication bypass vulnerability may allow a user connected to the console port to login as root without any password. This issue might only occur in certain scenarios: • At the first reboot after performing device factory reset using the command “reques...

6.9CVSS6.6AI score0.0004EPSS
CVE
CVE
added 2020/10/16 9:15 p.m.51 views

CVE-2020-1665

On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial of Service (DDoS) protection might not take affect when it reaches the threshold condition. The DDoS protection allows the device to continue to function while it is under DDoS attack, protecting bot...

5.3CVSS5.2AI score0.00233EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.51 views

CVE-2021-0275

A Cross-site Scripting (XSS) vulnerability in J-Web on Juniper Networks Junos OS allows an attacker to target another user's session thereby gaining access to the users session. The other user session must be active for the attack to succeed. Once successful, the attacker has the same privileges as...

9.3CVSS8.3AI score0.00531EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.51 views

CVE-2021-31371

Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an QFX5000 Series switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet...

5.3CVSS5.1AI score0.00215EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.51 views

CVE-2021-31379

An Incorrect Behavior Order vulnerability in the MAP-E automatic tunneling mechanism of Juniper Networks Junos OS allows an attacker to send certain malformed IPv4 or IPv6 packets to cause a Denial of Service (DoS) to the PFE on the device which is disabled as a result of the processing of these pa...

7.5CVSS7.7AI score0.00345EPSS
CVE
CVE
added 2022/01/19 1:15 a.m.51 views

CVE-2022-22153

An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network attacker to cause latency in transit ...

7.5CVSS7.5AI score0.0039EPSS
CVE
CVE
added 2019/04/10 8:29 p.m.50 views

CVE-2019-0038

Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services gateway may create a denial of service (DoS) condition due to buffer space exhaustion. This issue only affects the SRX340 and SRX345 services gateways. No other products or platforms are affected by this vul...

6.5CVSS6.6AI score0.00062EPSS
Total number of security vulnerabilities190