Lucene search

K

25 matches found

cve
cve
added 2022/01/19 1:15 a.m.81 views

CVE-2022-22163

An Improper Input Validation vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial of Service (DoS). If a device is configured as DHCPv6 local server and persistent storage is enable...

7.4CVSS6.6AI score0.00078EPSS
cve
cve
added 2022/01/19 1:15 a.m.77 views

CVE-2022-22159

A vulnerability in the NETISR network queue functionality of Juniper Networks Junos OS kernel allows an attacker to cause a Denial of Service (DoS) by sending crafted genuine packets to a device. During an attack, the routing protocol daemon (rpd) CPU may reach 100% utilization, yet FPC CPUs forwar...

7.5CVSS7.3AI score0.0054EPSS
cve
cve
added 2022/01/19 1:15 a.m.74 views

CVE-2022-22156

An Improper Certificate Validation weakness in the Juniper Networks Junos OS allows an attacker to perform Person-in-the-Middle (PitM) attacks when a system script is fetched from a remote source at a specified HTTPS URL, which may compromise the integrity and confidentiality of the device. The fol...

7.4CVSS6.9AI score0.00116EPSS
cve
cve
added 2022/01/19 1:15 a.m.74 views

CVE-2022-22178

A Stack-based Buffer Overflow vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on MX Series and SRX series allows an unauthenticated networked attacker to cause a flowd crash and thereby a Denial of Service (DoS). Continued receipt of these specific packets will caus...

7.5CVSS7.5AI score0.00463EPSS
cve
cve
added 2022/01/19 1:15 a.m.69 views

CVE-2022-22172

A Missing Release of Memory after Effective Lifetime vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a memory leak. Continued exploitation can lead to memory exhaustion and thereby a...

6.5CVSS6.5AI score0.00081EPSS
cve
cve
added 2022/01/19 1:15 a.m.64 views

CVE-2022-22168

An Improper Validation of Specified Type of Input vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to trigger a Missing Release of Memory after Effective Lifetime vulnerability. Continued exploitation of this vulnerability will eventually lead to ...

6.5CVSS6.3AI score0.00076EPSS
cve
cve
added 2022/01/19 1:15 a.m.63 views

CVE-2022-22161

An Uncontrolled Resource Consumption vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause 100% CPU load and the device to become unresponsive by sending a flood of traffic to the out-of-band management ethernet port. Continued receipted ...

7.5CVSS7.4AI score0.0098EPSS
cve
cve
added 2022/01/19 1:15 a.m.63 views

CVE-2022-22177

A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daemon causing a sustained Denial of Service (DoS) to the service until it is manually restarted. This issue impacts any version of SNMP – v1,v2, v3 This...

7.5CVSS6.2AI score0.00241EPSS
cve
cve
added 2022/01/19 1:15 a.m.62 views

CVE-2022-22171

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause the PFE to reset. This issue af...

7.5CVSS7.5AI score0.0039EPSS
cve
cve
added 2022/01/19 1:15 a.m.62 views

CVE-2022-22176

An Improper Validation of Syntactic Correctness of Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker sending a malformed DHCP packet to cause a crash of jdhcpd and thereby a Denial of Service (DoS). If option-82 is confi...

7.4CVSS6.7AI score0.00078EPSS
cve
cve
added 2022/01/19 1:15 a.m.61 views

CVE-2022-22166

An Improper Validation of Specified Quantity in Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause an rdp crash and thereby a Denial of Service (DoS). If a BGP update message is received over an established BGP...

6.5CVSS6.5AI score0.00195EPSS
cve
cve
added 2022/01/19 1:15 a.m.61 views

CVE-2022-22169

An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart (GR helper mode) even though...

5.9CVSS5.7AI score0.00277EPSS
cve
cve
added 2022/01/19 1:15 a.m.60 views

CVE-2022-22170

A Missing Release of Resource after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause heap memory to leak and on exhau...

7.5CVSS7.4AI score0.0039EPSS
cve
cve
added 2022/01/19 1:15 a.m.60 views

CVE-2022-22174

A vulnerability in the processing of inbound IPv6 packets in Juniper Networks Junos OS on QFX5000 Series and EX4600 switches may cause the memory to not be freed, leading to a packet DMA memory leak, and eventual Denial of Service (DoS) condition. Once the condition occurs, further packet processin...

7.5CVSS7.7AI score0.00389EPSS
cve
cve
added 2022/01/19 1:15 a.m.60 views

CVE-2022-22180

An Improper Check for Unusual or Exceptional Conditions vulnerability in the processing of specific IPv6 packets on certain EX Series devices may lead to exhaustion of DMA memory causing a Denial of Service (DoS). Over time, exploitation of this vulnerability may cause traffic to stop being forward...

7.5CVSS7.8AI score0.00389EPSS
cve
cve
added 2022/01/19 1:15 a.m.58 views

CVE-2022-22154

In a Junos Fusion scenario an External Control of Critical State Data vulnerability in the Satellite Device (SD) control state machine of Juniper Networks Junos OS allows an attacker who is able to make physical changes to the cabling of the device to cause a denial of service (DoS). An SD can get ...

6.8CVSS6.4AI score0.00049EPSS
cve
cve
added 2022/01/19 1:15 a.m.58 views

CVE-2022-22155

An Uncontrolled Resource Consumption vulnerability in the handling of IPv6 neighbor state change events in Juniper Networks Junos OS allows an adjacent attacker to cause a memory leak in the Flexible PIC Concentrator (FPC) of an ACX5448 router. The continuous flapping of an IPv6 neighbor with speci...

6.5CVSS6.5AI score0.00196EPSS
cve
cve
added 2022/01/19 1:15 a.m.58 views

CVE-2022-22173

A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service (DoS). In a scenario where Public Key Infrastructure (PKI) is used in combination wi...

7.5CVSS7.5AI score0.00285EPSS
cve
cve
added 2022/01/19 1:15 a.m.56 views

CVE-2022-22175

An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated networked attacker to cause a flowprocessing daemon (flowd) crash and thereby a Denial of Service (DoS). Continued receipt of these specific packets will cause a susta...

7.5CVSS7.5AI score0.00302EPSS
cve
cve
added 2022/01/19 1:15 a.m.55 views

CVE-2022-22162

A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to elevate these to the level of any other user logged in via J-Web at this time, potential leading to a full compromise o...

7.8CVSS7.2AI score0.00127EPSS
cve
cve
added 2022/01/19 1:15 a.m.55 views

CVE-2022-22167

A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services Gateways may allow an attacker to bypass Juniper Deep Packet Inspection (JDPI) rules and access unauthorized networks or resources, when 'no-syn-check' is enabled on the device. While JDPI correctly class...

9.8CVSS8.5AI score0.00255EPSS
cve
cve
added 2022/01/19 1:15 a.m.52 views

CVE-2022-22179

A Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial of Service (DoS). In a scenario where DHCP relay or local...

6.5CVSS6.5AI score0.00063EPSS
cve
cve
added 2022/01/19 1:15 a.m.51 views

CVE-2022-22153

An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network attacker to cause latency in transit ...

7.5CVSS7.5AI score0.0039EPSS
cve
cve
added 2022/01/19 1:15 a.m.50 views

CVE-2022-22157

A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services Gateways may allow an attacker to bypass Juniper Deep Packet Inspection (JDPI) rules and access unauthorized networks or resources, when 'no-syn-check' is enabled on the device. JDPI incorrectly classifie...

9.3CVSS8.3AI score0.00241EPSS
cve
cve
added 2022/01/19 1:15 a.m.48 views

CVE-2022-22160

An Unchecked Error Condition vulnerability in the subscriber management daemon (smgd) of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to cause a crash of and thereby a Denial of Service (DoS). In a subscriber management / broadband edge environment if a single session group...

6.5CVSS6.5AI score0.00195EPSS