Lucene search

K
JuniperJunos21.3

140 matches found

CVE
CVE
added 2023/10/13 12:15 a.m.46 views

CVE-2023-44194

An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS allows an unauthenticated attacker with local access to the device to create a backdoor with root privileges. The issue is caused by improper directory permissions on a certain system directory, allowing an attacker with ac...

8.4CVSS7.8AI score0.00024EPSS
CVE
CVE
added 2024/01/12 1:15 a.m.46 views

CVE-2024-21594

A Heap-based Buffer Overflow vulnerability in the Network Services Daemon (NSD) of Juniper Networks Junos OS allows authenticated, low privileged, local attacker to cause a Denial of Service (DoS). On an SRX 5000 Series device, when executing a specific command repeatedly, memory is corrupted, whic...

5.5CVSS5.5AI score0.00023EPSS
CVE
CVE
added 2024/01/12 1:15 a.m.46 views

CVE-2024-21596

A Heap-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). If an attacker sends a specific BGP UPDATE message to the device, this will cause a...

5.3CVSS5.4AI score0.00075EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.44 views

CVE-2023-1697

An Improper Handling of Missing Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a dcpfe process core and thereby a Denial of Service (DoS). Continued receipt of these specific frames will cause a sustained...

6.5CVSS6.5AI score0.00102EPSS
CVE
CVE
added 2024/01/12 1:15 a.m.44 views

CVE-2023-36842

An Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper DHCP Daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause the jdhcpd to consume all the CPU cycles resulting in a Denial of Service (DoS). On Junos OS devices with forward-...

6.5CVSS6.5AI score0.00038EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.43 views

CVE-2022-22236

An Access of Uninitialized Pointer vulnerability in SIP Application Layer Gateway (ALG) of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When specific valid SIP packets are received the PFE will crash and ...

7.5CVSS7.5AI score0.00265EPSS
CVE
CVE
added 2023/01/13 12:15 a.m.43 views

CVE-2023-22409

An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service (DoS). When an inconsistent "deterministic NAT" configuration is present on an SRX, or MX with SPC3 and then a spe...

5.5CVSS5.6AI score0.00044EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.43 views

CVE-2023-28980

A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service (DoS). In a rib sharding scenario the rpd process will crash shortly after specific CLI command is i...

5.5CVSS5.4AI score0.00048EPSS
CVE
CVE
added 2023/07/14 5:15 p.m.43 views

CVE-2023-36838

An Out-of-bounds Read vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a local, authenticated attacker with low privileges, to cause a Denial of Service (DoS). If a low privileged user executes a specific CLI command, flowd which is responsible f...

5.5CVSS5.5AI score0.00042EPSS
CVE
CVE
added 2023/10/13 12:15 a.m.43 views

CVE-2023-44193

An Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a local, low privileged attacker to cause an FPC crash, leading to Denial of Service (DoS). On all Junos MX Series with MPC1 - MPC9, LC480, LC2101, MX1000...

5.5CVSS5.5AI score0.00031EPSS
CVE
CVE
added 2023/10/13 12:15 a.m.42 views

CVE-2023-44184

An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated low-privileged attacker, by executing a specific command via NETCONF, to cause a CPU...

6.5CVSS6.5AI score0.00134EPSS
CVE
CVE
added 2023/10/13 12:15 a.m.42 views

CVE-2023-44191

An Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all Junos OS QFX5000 Series and EX4000 Series platforms, when a high number of VLANs are configured, a specific D...

7.5CVSS7.4AI score0.00126EPSS
CVE
CVE
added 2023/10/13 12:15 a.m.42 views

CVE-2023-44197

An Out-of-Bounds Write vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved devices an rpd crash and restart can occur while pro...

7.5CVSS7.4AI score0.00145EPSS
CVE
CVE
added 2024/01/12 1:15 a.m.42 views

CVE-2024-21585

An Improper Handling of Exceptional Conditions vulnerability in BGP session processing of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker, using specific timing outside the attacker's control, to flap BGP sessions and cause the routing protocol daemon...

5.9CVSS5.8AI score0.0015EPSS
CVE
CVE
added 2024/01/12 1:15 a.m.42 views

CVE-2024-21599

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). If an MX Series device receives PTP packets on an MPC3E that doesn't su...

6.5CVSS6.4AI score0.00051EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.41 views

CVE-2023-28962

An Improper Authentication vulnerability in upload-file.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to upload arbitrary files to temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to 1...

9.8CVSS7.5AI score0.00239EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.41 views

CVE-2023-28984

A Use After Free vulnerability in the Layer 2 Address Learning Manager (l2alm) of Juniper Networks Junos OS on QFX Series allows an adjacent attacker to cause the Packet Forwarding Engine to crash and restart, leading to a Denial of Service (DoS). The PFE may crash when a lot of MAC learning and ag...

5.3CVSS5.3AI score0.00056EPSS
CVE
CVE
added 2023/07/14 6:15 p.m.41 views

CVE-2023-36840

A Reachable Assertion vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a locally-based, low-privileged attacker to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved, when a specific L2VPN command is run, RPD will crash and r...

5.5CVSS5.5AI score0.00069EPSS
CVE
CVE
added 2023/10/13 12:15 a.m.41 views

CVE-2023-44178

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affect...

5.5CVSS5.8AI score0.00058EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.40 views

CVE-2023-28967

A Use of Uninitialized Resource vulnerability in the Border Gateway Protocol (BGP) software of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to send specific genuine BGP packets to a device configured with BGP to cause a Denial of Service (DoS) by c...

7.5CVSS7.5AI score0.00161EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.40 views

CVE-2023-28968

An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep Packet Inspection-Decoder (JDPI-Decoder) Application Signature component of Junos OS's AppID service on SRX Series devices will stop the JDPI-Decoder from identifying dynamic application traffic, allowi...

5.3CVSS5.4AI score0.00273EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.40 views

CVE-2023-28974

An Improper Check for Unusual or Exceptional Conditions vulnerability in the bbe-smgd of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). In a Broadband Edge / Subscriber Management scenario on MX Series when a specifically malformed ICMP pa...

7.4CVSS6.6AI score0.00081EPSS
CVE
CVE
added 2023/10/13 12:15 a.m.40 views

CVE-2023-44181

An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog. This issue is triggered when Storm control is enabled and ICMPv6...

7.5CVSS7.5AI score0.00093EPSS
CVE
CVE
added 2024/01/12 1:15 a.m.40 views

CVE-2024-21606

A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). In a remote access VPN scenario, if a "tcp-encap-profile" is configured and a sequence of specific packet...

7.5CVSS7.5AI score0.00182EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.39 views

CVE-2023-28982

A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). In a BGP rib sharding scenario, when an attribute of an active BG...

7.5CVSS7.5AI score0.00233EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.38 views

CVE-2023-28975

An Unexpected Status Code or Return Value vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated attacker with physical access to the device to cause a Denial of Service (DoS). When certain USB devices are connected to a USB port of the routing-engine (RE), the kernel wi...

4.6CVSS4.7AI score0.00102EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.38 views

CVE-2023-28981

An Improper Input Validation vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If the receipt of router advertisements is enabled on an interface and a specifically malformed RA packet is re...

6.5CVSS6.5AI score0.0006EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.37 views

CVE-2023-28965

An Improper Check or Handling of Exceptional Conditions within the storm control feature of Juniper Networks Junos OS allows an attacker sending a high rate of traffic to cause a Denial of Service. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) con...

7.5CVSS6.9AI score0.00186EPSS
CVE
CVE
added 2023/07/14 4:15 p.m.37 views

CVE-2023-36832

An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on MX Series allows an unauthenticated network-based attacker to send specific packets to an Aggregated Multiservices (AMS) interface on the device, causing the packet forwarding engine (P...

7.5CVSS7.4AI score0.00197EPSS
CVE
CVE
added 2023/07/14 6:15 p.m.37 views

CVE-2023-36835

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX10000 Series allows a network based attacker to cause a Denial of Service (DoS). If a specific valid IP packet is received and that packet needs to be route...

7.5CVSS7.5AI score0.00186EPSS
CVE
CVE
added 2024/01/12 1:15 a.m.37 views

CVE-2024-21607

An Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on MX Series and EX9200 Series allows an unauthenticated, network-based attacker to cause partial impact to the integrity of the device. If the "tcp-reset" option is added to the "reject" action in an IPv6 filter which matc...

5.3CVSS5.1AI score0.00044EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.35 views

CVE-2022-22240

An Allocation of Resources Without Limits or Throttling and a Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated low privileged attacker to cause a Denial of Sevice (D...

5.5CVSS5.6AI score0.00051EPSS
CVE
CVE
added 2023/07/14 6:15 p.m.35 views

CVE-2023-36848

An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon (PPMD) of Juniper Networks Junos OS on MX Series(except MPC10, MPC11 and LC9600) allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). When a malformed CFM packet is received, i...

6.5CVSS6.5AI score0.00081EPSS
CVE
CVE
added 2023/10/13 12:15 a.m.35 views

CVE-2023-44192

An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause memory leak, leading to Denial of Service (DoS). On all Junos OS QFX5000 Series platforms, when pseudo-VTEP (Virtual Tunnel End Point) i...

7.5CVSS7.4AI score0.00145EPSS
CVE
CVE
added 2024/01/12 1:15 a.m.35 views

CVE-2024-21587

An Improper Handling of Exceptional Conditions vulnerability in the broadband edge subscriber management daemon (bbe-smgd) of Juniper Networks Junos OS on MX Series allows an attacker directly connected to the vulnerable system who repeatedly flaps DHCP subscriber sessions to cause a slow memory le...

6.5CVSS6.5AI score0.00051EPSS
CVE
CVE
added 2024/01/12 1:15 a.m.35 views

CVE-2024-21601

A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in the Flow-processing Daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (Dos). On SRX Series devices wh...

5.9CVSS5.8AI score0.00234EPSS
CVE
CVE
added 2024/01/12 1:15 a.m.34 views

CVE-2024-21603

An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Network Junos OS on MX Series allows a network based attacker with low privileges to cause a denial of service. If a scaled configuration for Source class usage (SCU) / destination class usage (DCU) (more...

6.5CVSS6.5AI score0.00096EPSS
CVE
CVE
added 2023/07/14 6:15 p.m.32 views

CVE-2023-36836

A Use of an Uninitialized Resource vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, in a Multicast only ...

4.7CVSS4.8AI score0.00051EPSS
CVE
CVE
added 2024/01/12 1:15 a.m.32 views

CVE-2024-21600

An Improper Neutralization of Equivalent Special Elements vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows a unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When MPLS packets are meant to be sent to a flexible tunnel interf...

6.5CVSS6.4AI score0.00054EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.30 views

CVE-2023-28963

An Improper Authentication vulnerability in cert-mgmt.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to read arbitrary files from temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to 19....

5.3CVSS5.3AI score0.00202EPSS
Total number of security vulnerabilities140