Lucene search

K
JuniperJunos19.3

189 matches found

CVE
CVE
added 2023/10/13 12:15 a.m.52 views

CVE-2023-44183

An Improper Input Validation vulnerability in the VxLAN packet forwarding engine (PFE) of Juniper Networks Junos OS on QFX5000 Series, EX4600 Series devices allows an unauthenticated, adjacent attacker, sending two or more genuine packets in the same VxLAN topology to possibly cause a DMA memory le...

6.5CVSS6.1AI score0.00038EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.51 views

CVE-2021-0264

A vulnerability in the processing of traffic matching a firewall filter containing a syslog action in Juniper Networks Junos OS on MX Series with MPC10/MPC11 cards installed, PTX10003 and PTX10008 Series devices, will cause the line card to crash and restart, creating a Denial of Service (DoS). Con...

7.5CVSS6.4AI score0.00241EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.51 views

CVE-2021-0275

A Cross-site Scripting (XSS) vulnerability in J-Web on Juniper Networks Junos OS allows an attacker to target another user's session thereby gaining access to the users session. The other user session must be active for the attack to succeed. Once successful, the attacker has the same privileges as...

9.3CVSS8.3AI score0.00531EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.51 views

CVE-2021-31371

Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an QFX5000 Series switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet...

5.3CVSS5.1AI score0.00215EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.51 views

CVE-2021-31379

An Incorrect Behavior Order vulnerability in the MAP-E automatic tunneling mechanism of Juniper Networks Junos OS allows an attacker to send certain malformed IPv4 or IPv6 packets to cause a Denial of Service (DoS) to the PFE on the device which is disabled as a result of the processing of these pa...

7.5CVSS7.7AI score0.00345EPSS
CVE
CVE
added 2023/01/13 12:15 a.m.51 views

CVE-2023-22396

An Uncontrolled Resource Consumption vulnerability in TCP processing on the Routing Engine (RE) of Juniper Networks Junos OS allows an unauthenticated network-based attacker to send crafted TCP packets destined to the device, resulting in an MBUF leak that ultimately leads to a Denial of Service (D...

7.5CVSS7.5AI score0.00036EPSS
CVE
CVE
added 2021/07/15 8:15 p.m.50 views

CVE-2021-0278

An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device. junos:18.3R3-S5 junos:18.4R3-S9 junos:19.1R3-S6 junos:19.3R2-S6 junos:19.3R3-S3 junos:19.4R1-S4 junos:19.4R3-S4 junos...

8.8CVSS8AI score0.00167EPSS
CVE
CVE
added 2022/01/19 1:15 a.m.50 views

CVE-2022-22157

A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services Gateways may allow an attacker to bypass Juniper Deep Packet Inspection (JDPI) rules and access unauthorized networks or resources, when 'no-syn-check' is enabled on the device. JDPI incorrectly classifie...

9.3CVSS8.3AI score0.00241EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.50 views

CVE-2022-22244

An XPath Injection vulnerability in the J-Web component of Juniper Networks Junos OS allows an unauthenticated attacker sending a crafted POST to reach the XPath channel, which may allow chaining to other unspecified vulnerabilities, leading to a partial loss of confidentiality. This issue affects ...

5.3CVSS5.7AI score0.00858EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.50 views

CVE-2022-22250

An Improper Control of a Resource Through its Lifetime vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows unauthenticated adjacent attacker to cause a Denial of Service (DoS). In an EVPN-MPLS scenario, if MAC is learned locally on an access inte...

6.5CVSS6.6AI score0.00084EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.50 views

CVE-2023-28972

An Improper Link Resolution Before File Access vulnerability in console port access of Juniper Networks Junos OS on NFX Series allows an attacker to bypass console access controls. When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as expected. However, the r...

6.8CVSS6.7AI score0.00043EPSS
CVE
CVE
added 2023/07/14 7:15 p.m.50 views

CVE-2023-36850

An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Connectivity Fault Management(CFM) module of Juniper Networks Junos OS on MX Series(except MPC10, MPC11 and LC9600) allows an adjacent attacker on the local broadcast domain to cause a Denial of Service(DoS...

6.5CVSS6.3AI score0.0006EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.49 views

CVE-2021-0214

A vulnerability in the distributed or centralized periodic packet management daemon (PPMD) of Juniper Networks Junos OS may cause receipt of a malformed packet to crash and restart the PPMD process, leading to network destabilization, service interruption, and a Denial of Service (DoS) condition. C...

6.5CVSS6.5AI score0.00031EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.49 views

CVE-2021-0216

A vulnerability in Juniper Networks Junos OS running on the ACX5448 and ACX710 platforms may cause BFD sessions to flap when a high rate of transit ARP packets are received. This, in turn, may impact routing protocols and network stability, leading to a Denial of Service (DoS) condition. When a hig...

6.5CVSS6.5AI score0.00081EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.49 views

CVE-2021-0268

An Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') weakness in J-web of Juniper Networks Junos OS leads to buffer overflows, segment faults, or other impacts, which allows an attacker to modify the integrity of the device and exfiltration information from the d...

9.3CVSS8.8AI score0.00268EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.49 views

CVE-2022-22224

An Improper Check or Handling of Exceptional Conditions vulnerability in the processing of a malformed OSPF TLV in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause the periodic packet management daemon (PPMD) process to go into an infinite loop, wh...

6.5CVSS6.5AI score0.0009EPSS
CVE
CVE
added 2023/01/13 12:15 a.m.49 views

CVE-2023-22407

An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). An rpd crash can occur when an MPLS TE tunnel configuration change occurs on a directly connect...

6.5CVSS6.4AI score0.00119EPSS
CVE
CVE
added 2020/07/17 7:15 p.m.48 views

CVE-2020-1647

On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing of a specific HTTP message. Continued processing of this specific HTTP message...

9.8CVSS9.7AI score0.01994EPSS
CVE
CVE
added 2021/07/15 8:15 p.m.48 views

CVE-2021-0295

A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks Junos OS on the QFX10K Series switches allows an attacker to trigger a packet forwarding loop, leading to a partial Denial of Service (DoS). The issue is caused by DVMRP packets looping on a multi-homed Et...

6.1CVSS6AI score0.00106EPSS
CVE
CVE
added 2022/01/19 1:15 a.m.48 views

CVE-2022-22160

An Unchecked Error Condition vulnerability in the subscriber management daemon (smgd) of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to cause a crash of and thereby a Denial of Service (DoS). In a subscriber management / broadband edge environment if a single session group...

6.5CVSS6.5AI score0.00195EPSS
CVE
CVE
added 2022/07/20 3:15 p.m.48 views

CVE-2022-22202

An Improper Handling of Exceptional Conditions vulnerability on specific PTX Series devices, including the PTX1000, PTX3000 (NextGen), PTX5000, PTX10002-60C, PTX10008, and PTX10016 Series, in Juniper Networks Junos OS allows an unauthenticated MPLS-based attacker to cause a Denial of Service (DoS) ...

6.5CVSS6.6AI score0.00258EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.48 views

CVE-2022-22223

On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping (PHP) nodes with link aggregation group (LAG) interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP pack...

7.5CVSS7.2AI score0.00181EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.48 views

CVE-2022-22234

An Improper Preservation of Consistency Between Independent Representations of Shared State vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). If the device is very busy for...

5.5CVSS5.3AI score0.00066EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.48 views

CVE-2023-28976

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). If specific traffic is received on MX Series and its rate excee...

7.5CVSS7.5AI score0.00187EPSS
CVE
CVE
added 2020/04/08 8:15 p.m.47 views

CVE-2020-1615

The factory configuration for vMX installations, as shipped, includes default credentials for the root account. Without proper modification of these default credentials by the administrator, an attacker could exploit these credentials and access the vMX instance without authorization. This issue af...

10CVSS9.6AI score0.0047EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.47 views

CVE-2021-0242

A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300 switches on Juniper Networks Junos OS allows an attacker sending specific unicast frames to trigger a Denial of Service (DoS) condition by exhausting DMA buffers, causing the FPC to crash and the device to ...

6.5CVSS6.6AI score0.00076EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.47 views

CVE-2021-31373

A persistent Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos OS on SRX Series, J-Web interface may allow a remote authenticated user to inject persistent and malicious scripts. An attacker can exploit this vulnerability to steal sensitive data and credentials from a web administr...

8CVSS5.6AI score0.0028EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.47 views

CVE-2021-31375

An Improper Input Validation vulnerability in routing process daemon (RPD) of Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI), allows an attacker to send a specific BGP update which may cause RPKI policy-checks to be bypassed. ...

7.2CVSS5.9AI score0.00207EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.47 views

CVE-2022-22230

An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause DoS (Denial of Service). If another router generates more than one specific valid OSPFv3 LSA then rpd will crash whi...

6.5CVSS6.5AI score0.00046EPSS
CVE
CVE
added 2020/07/17 7:15 p.m.46 views

CVE-2020-1644

On Juniper Networks Junos OS and Junos OS Evolved devices, the receipt of a specific BGP UPDATE packet causes an internal counter to be incremented incorrectly, which over time can lead to the routing protocols process (RPD) crash and restart. This issue affects both IBGP and EBGP multihop deployme...

7.5CVSS7.4AI score0.00389EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.46 views

CVE-2021-0273

An always-incorrect control flow implementation in the implicit filter terms of Juniper Networks Junos OS and Junos OS Evolved on ACX5800, EX9200 Series, MX10000 Series, MX240, MX480, MX960 devices with affected Trio line cards allows an attacker to exploit an interdependency in the PFE UCODE micro...

5.3CVSS5.3AI score0.00268EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.46 views

CVE-2021-31372

An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated J-Web attacker to escalate their privileges to root over the target device. This issue affects: Juniper Networks Junos OS All versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9...

9CVSS8.7AI score0.00521EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.46 views

CVE-2021-31374

On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE or KEEPALIVE message can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this message will create a sustained Denial o...

7.5CVSS7.5AI score0.00389EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.46 views

CVE-2022-22238

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When an incoming RESV message corresponding to a protected LS...

6.5CVSS5.8AI score0.0009EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.46 views

CVE-2023-28979

An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to bypass an integrity check. In a 6PE scenario and if an additional integrity check is configured, it will fail to drop specific malformed IP...

4.7CVSS4.8AI score0.00019EPSS
CVE
CVE
added 2020/07/17 7:15 p.m.45 views

CVE-2020-1649

When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine (PFE) will become disabled upon receipt of small fragments requiring reassembly, gene...

7.5CVSS7.5AI score0.00408EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.45 views

CVE-2021-0243

Improper Handling of Unexpected Data in the firewall policer of Juniper Networks Junos OS on EX4300 switches allows matching traffic to exceed set policer limits, possibly leading to a limited Denial of Service (DoS) condition. When the firewall policer discard action fails on a Layer 2 port, it wi...

4.7CVSS4.8AI score0.00078EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.45 views

CVE-2021-31365

An Uncontrolled Resource Consumption vulnerability in Juniper Networks Junos OS on EX2300, EX3400 and EX4300 Series platforms allows an adjacent attacker sending a stream of layer 2 frames will trigger an Aggregated Ethernet (AE) interface to go down and thereby causing a Denial of Service (DoS). B...

6.5CVSS6.3AI score0.00081EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.45 views

CVE-2021-31367

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows an adjacent attacker to cause a Denial of Service (DoS) by sending genuine BGP flowspec packets which cause an FPC heap memory leak. Once having...

6.5CVSS6.4AI score0.00081EPSS
CVE
CVE
added 2020/07/17 7:15 p.m.44 views

CVE-2020-1655

When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine (PFE) will become disabled upon receipt of large packets requiring fragmentation, gen...

5.3CVSS5.2AI score0.00328EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.44 views

CVE-2021-0251

A NULL Pointer Dereference vulnerability in the Captive Portal Content Delivery (CPCD) services daemon (cpcd) of Juniper Networks Junos OS on MX Series with MS-PIC, MS-SPC3, MS-MIC or MS-MPC allows an attacker to send malformed HTTP packets to the device thereby causing a Denial of Service (DoS), c...

8.6CVSS8.4AI score0.0039EPSS
CVE
CVE
added 2020/04/08 8:15 p.m.43 views

CVE-2020-1628

Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an EX4300 switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet, leadin...

5.3CVSS5.1AI score0.00382EPSS
CVE
CVE
added 2020/04/08 8:15 p.m.43 views

CVE-2020-1638

The FPC (Flexible PIC Concentrator) of Juniper Networks Junos OS and Junos OS Evolved may restart after processing a specific IPv4 packet. Only packets destined to the device itself, successfully reaching the RE through existing edge and control plane filtering, will be able to cause the FPC restar...

7.5CVSS7.4AI score0.00389EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.43 views

CVE-2021-0224

A vulnerability in the handling of internal resources necessary to bring up a large number of Layer 2 broadband remote access subscriber (BRAS) nodes in Juniper Networks Junos OS can cause the Access Node Control Protocol daemon (ANCPD) to crash and restart, leading to a Denial of Service (DoS) con...

6.5CVSS6.4AI score0.00081EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.43 views

CVE-2021-0259

Due to a vulnerability in DDoS protection in Juniper Networks Junos OS and Junos OS Evolved on QFX5K Series switches in a VXLAN configuration, instability might be experienced in the underlay network as a consequence of exceeding the default ddos-protection aggregate threshold. If an attacker on a ...

7.4CVSS7.2AI score0.00107EPSS
CVE
CVE
added 2020/10/16 9:15 p.m.42 views

CVE-2020-1671

On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a malformed DHCPv6 packet is received, resulting with the restart of the daemon. This issue on...

7.5CVSS7.5AI score0.00389EPSS
CVE
CVE
added 2020/10/16 9:15 p.m.42 views

CVE-2020-1680

On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC component on MS-MIC or MS-MPC. This issue occurs when a multiservice card is translating the malformed IPv6 packet to IPv4 packet. An unauthenticated...

5.3CVSS5.2AI score0.00299EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.42 views

CVE-2021-0228

An improper check for unusual or exceptional conditions vulnerability in Juniper Networks MX Series platforms with Trio-based MPC (Modular Port Concentrator) deployed in (Ethernet VPN) EVPN-(Virtual Extensible LAN) VXLAN configuration, may allow an attacker sending specific Layer 2 traffic to cause...

6.5CVSS6.5AI score0.00081EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.42 views

CVE-2021-0230

On Juniper Networks SRX Series devices with link aggregation (lag) configured, executing any operation that fetches Aggregated Ethernet (AE) interface statistics, including but not limited to SNMP GET requests, causes a slow kernel memory leak. If all the available memory is consumed, the traffic w...

7.5CVSS7.6AI score0.00389EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.42 views

CVE-2022-22208

A Use After Free vulnerability in the Routing Protocol Daemon (rdp) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause Denial of Service (DoS). When a BGP session flap happens, a Use After Free of a memory location that was assigned to anothe...

5.9CVSS5.8AI score0.00179EPSS
Total number of security vulnerabilities189