Lucene search

K
JuniperJunos

104 matches found

CVE
CVE
added 2004/08/18 4:0 a.m.748 views

CVE-2004-0230

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

5CVSS9.1AI score0.11484EPSS
CVE
CVE
added 2023/08/17 8:15 p.m.390 views

CVE-2023-36844

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables. Using a crafted request an attacker is able to modify certain PHP environment variables leadin...

5.3CVSS7.1AI score0.94297EPSS
CVE
CVE
added 2023/09/27 3:18 p.m.379 views

CVE-2023-36851

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require authentication, an at...

5.3CVSS6.7AI score0.11397EPSS
CVE
CVE
added 2023/08/17 8:15 p.m.294 views

CVE-2023-36846

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to user.php that doesn't require authentication an attacker is able...

5.3CVSS6.1AI score0.94278EPSS
CVE
CVE
added 2023/08/17 8:15 p.m.283 views

CVE-2023-36847

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require authentication an atta...

5.3CVSS6.1AI score0.94278EPSS
CVE
CVE
added 2024/04/12 3:15 p.m.94 views

CVE-2024-21610

An Improper Handling of Exceptional Conditions vulnerability in the Class of Service daemon (cosd) of Juniper Networks Junos OS allows an authenticated, network-based attacker with low privileges to cause a limited Denial of Service (DoS). In a scaled CoS scenario with 1000s of interfaces, when spe...

5.3CVSS4.5AI score0.00099EPSS
CVE
CVE
added 2019/07/11 8:15 p.m.90 views

CVE-2019-0048

On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high priority. This rule is meant for reserved multicast addresses 224.0.0.x, but incorrectly matches on 224.x.x.x. Due to this bug, when a firewall filt...

5.8CVSS5.7AI score0.00208EPSS
CVE
CVE
added 2023/10/13 12:15 a.m.82 views

CVE-2023-44176

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affect...

5.5CVSS5.8AI score0.00058EPSS
CVE
CVE
added 2019/10/09 8:15 p.m.72 views

CVE-2019-0074

A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and PTX Series devices with Next-Generation Routing Engine (NG-RE) allows a local authenticated user to read sensitive system files. This issue only affects NFX150 Series and QFX10K Series, EX9200 Series, MX...

5.5CVSS5.3AI score0.00041EPSS
CVE
CVE
added 2024/04/12 3:15 p.m.71 views

CVE-2024-21615

An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to access confidential information on the system. On all Junos OS and Junos OS Evolved platforms, when NETCONF traceoptions are configured, and a super-user perfo...

5.1CVSS6.3AI score0.00035EPSS
CVE
CVE
added 2022/04/14 4:15 p.m.70 views

CVE-2022-22193

An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). Continued execution of this command might cause a sustain...

5.5CVSS5.5AI score0.00051EPSS
CVE
CVE
added 2022/01/19 1:15 a.m.61 views

CVE-2022-22169

An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart (GR helper mode) even though...

5.9CVSS5.7AI score0.00277EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.61 views

CVE-2022-22220

A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS, Junos OS Evolved allows a network-based unauthenticated attacker to cause a Denial of Service (DoS). When a BGP flow route with redirect IP extended community is received...

5.9CVSS5.7AI score0.00227EPSS
CVE
CVE
added 2013/07/11 2:55 p.m.60 views

CVE-2013-4690

Juniper Junos 10.4 before 10.4S13, 11.4 before 11.4R7-S1, 12.1 before 12.1R5-S3, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on the SRX1400, SRX3400, and SRX3600 does not properly initialize memory locations used during padding of Ethernet packets, which allows remote attackers to ob...

5CVSS4.6AI score0.03606EPSS
CVE
CVE
added 2021/01/15 6:15 p.m.60 views

CVE-2021-0205

When the "Intrusion Detection Service" (IDS) feature is configured on Juniper Networks MX series with a dynamic firewall filter using IPv6 source or destination prefix, it may incorrectly match the prefix as /32, causing the filter to block unexpected traffic. This issue affects only IPv6 prefixes ...

5.8CVSS5.7AI score0.00229EPSS
CVE
CVE
added 2021/07/15 8:15 p.m.60 views

CVE-2021-0293

A vulnerability in Juniper Networks Junos OS caused by Missing Release of Memory after Effective Lifetime leads to a memory leak each time the CLI command 'show system connections extensive' is executed. The amount of memory leaked on each execution depends on the number of TCP connections from and...

5.5CVSS5.5AI score0.00047EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.60 views

CVE-2021-31361

An Improper Check for Unusual or Exceptional Conditions vulnerability combined with Improper Handling of Exceptional Conditions in Juniper Networks Junos OS on QFX Series and PTX Series allows an unauthenticated network based attacker to cause increased FPC CPU utilization by sending specific IP pa...

5.3CVSS5.2AI score0.00458EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.58 views

CVE-2021-31369

On MX Series platforms with MS-MPC/MS-MIC, an Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated network attacker to cause a partial Denial of Service (DoS) with a high rate of specific traffic. If a Class of Service (CoS) rule ...

5.3CVSS5.1AI score0.00268EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.56 views

CVE-2022-22225

A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated attacker with an established BGP session to cause a Denial of Service (DoS). In a BGP multipath scenario, when one of th...

5.9CVSS5.8AI score0.00158EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.55 views

CVE-2021-31377

An Incorrect Permission Assignment for Critical Resource vulnerability of a certain file in the filesystem of Junos OS allows a local authenticated attacker to cause routing process daemon (RPD) to crash and restart, causing a Denial of Service (DoS). Repeated actions by the attacker will create a ...

5.5CVSS5.3AI score0.00034EPSS
CVE
CVE
added 2023/01/13 12:15 a.m.55 views

CVE-2023-22398

An Access of Uninitialized Pointer vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). When an MPLS ping is performed on BGP LSPs, the RPD might crash. Re...

5.5CVSS5.2AI score0.00044EPSS
CVE
CVE
added 2018/01/10 10:29 p.m.54 views

CVE-2018-0009

On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due to this issue, traffic that should have been blocked by other rules is permitted to flow through the device resulting in a firewall bypass condition...

5.9CVSS6AI score0.00252EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.54 views

CVE-2021-0263

A Data Processing vulnerability in the Multi-Service process (multi-svcs) on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service (DoS) condition . The...

5.9CVSS5.8AI score0.00312EPSS
CVE
CVE
added 2023/10/11 9:15 p.m.54 views

CVE-2023-44188

A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in telemetry processing of Juniper Networks Junos OS allows a network-based authenticated attacker to flood the system with multiple telemetry requests, causing the Junos Kernel Debugging Streaming Daemon (jkdsd) process to crash, le...

5.3CVSS5.1AI score0.00102EPSS
CVE
CVE
added 2016/01/15 7:59 p.m.53 views

CVE-2016-1256

Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R7, 14.1 before 14.1R5, 14.1X53 before 14.1X53-D18 or 14.1X53-D30, 14.1X55 before 14.1X55-D25...

5.3CVSS5.3AI score0.00484EPSS
CVE
CVE
added 2018/04/11 7:29 p.m.53 views

CVE-2018-0019

A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may allow a remote network based attacker to cause the mib2d process to crash resulting in a denial of service condition (DoS) for the SNMP subsystem. While a mib2d process crash can disrupt the network monitoring via SNMP, it does not...

5.9CVSS5.9AI score0.00337EPSS
CVE
CVE
added 2019/01/15 9:29 p.m.53 views

CVE-2019-0009

On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE). In a virtual chassis (VC) deployment, this issue disrupts communication between the VC members. This issue does not affect other Junos platform...

5.5CVSS5.4AI score0.00051EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.53 views

CVE-2021-0234

Due to an improper Initialization vulnerability on Juniper Networks Junos OS QFX5100-96S devices with QFX 5e Series image installed, ddos-protection configuration changes will not take effect beyond the default DDoS (Distributed Denial of Service) settings when configured from the CLI. The DDoS pro...

5.8CVSS5.8AI score0.00268EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.53 views

CVE-2021-0238

When a MX Series is configured as a Broadband Network Gateway (BNG) based on Layer 2 Tunneling Protocol (L2TP), executing certain CLI command may cause the system to run out of disk space, excessive disk usage may cause other complications. An administrator can use the following CLI command to moni...

5.5CVSS5.5AI score0.00045EPSS
CVE
CVE
added 2021/07/15 8:15 p.m.53 views

CVE-2021-0294

A vulnerability in Juniper Networks Junos OS, which only affects the release 18.4R2-S5, where a function is inconsistently implemented on Juniper Networks Junos QFX5000 Series and EX4600 Series, and if "storm-control enhanced" is configured, can lead to the enhanced storm control filter group not b...

5.3CVSS5.3AI score0.0023EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.53 views

CVE-2021-31364

An Improper Check for Unusual or Exceptional Conditions vulnerability combined with a Race Condition in the flow daemon (flowd) of Juniper Networks Junos OS on SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2 allows an unauthenticated network based attacker sending specific traff...

5.9CVSS6.1AI score0.00224EPSS
CVE
CVE
added 2022/07/20 3:15 p.m.53 views

CVE-2022-22204

An Improper Release of Memory Before Removing Last Reference vulnerability in the Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Juniper Networks Junos OS allows unauthenticated network-based attacker to cause a partial Denial of Service (DoS). On all MX and SRX platforms, if ...

5.3CVSS5.2AI score0.00148EPSS
CVE
CVE
added 2015/03/31 2:59 p.m.52 views

CVE-2014-9708

Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range: x=,".

5CVSS8.9AI score0.0451EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.52 views

CVE-2021-31386

A Protection Mechanism Failure vulnerability in the J-Web HTTP service of Juniper Networks Junos OS allows a remote unauthenticated attacker to perform Person-in-the-Middle (PitM) attacks against the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S20; 15.1 vers...

5.9CVSS5.4AI score0.00148EPSS
CVE
CVE
added 2023/10/13 12:15 a.m.52 views

CVE-2023-44201

An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of Juniper Networks Junos OS and Junos OS Evolved allows a local authenticated attacker to read configuration changes without having the permissions. When a user with the respective permissions commits a confi...

5.5CVSS5.4AI score0.00038EPSS
CVE
CVE
added 2019/01/15 9:29 p.m.51 views

CVE-2019-0005

On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected release...

5.3CVSS5.3AI score0.00209EPSS
CVE
CVE
added 2020/10/16 9:15 p.m.51 views

CVE-2020-1665

On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial of Service (DDoS) protection might not take affect when it reaches the threshold condition. The DDoS protection allows the device to continue to function while it is under DDoS attack, protecting bot...

5.3CVSS5.2AI score0.00233EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.51 views

CVE-2021-31371

Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an QFX5000 Series switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet...

5.3CVSS5.1AI score0.00215EPSS
CVE
CVE
added 2022/07/20 3:15 p.m.51 views

CVE-2022-22213

A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to crash the RPD process by sending a specific BGP update while the system is under heavy load, leading ...

5.9CVSS5.8AI score0.00222EPSS
CVE
CVE
added 2005/01/29 5:0 a.m.50 views

CVE-2004-0467

Juniper JUNOS 5.x through JUNOS 7.x allows remote attackers to cause a denial of service (routing disabled) via a large number of MPLS packets, which are not filtered or verified before being sent to the Routing Engine, which reduces the speed at which other packets are processed.

5CVSS6.7AI score0.05783EPSS
CVE
CVE
added 2004/12/06 5:0 a.m.50 views

CVE-2004-0468

Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows remote attackers to cause a denial of service (memory exhaustion and device reboot) via certain IPv6 packets.

5CVSS6.6AI score0.00997EPSS
CVE
CVE
added 2014/07/11 8:55 p.m.50 views

CVE-2014-3822

Juniper Junos 11.4 before 11.4R8, 12.1 before 12.1R5, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.1X46 before 12.1X46-D10, and 12.1X47 before 12.1X47-D10 on SRX Series devices, allows remote attackers to cause a denial of service (flowd crash) via a malformed packet, related to trans...

5.4CVSS6.8AI score0.00491EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.50 views

CVE-2022-22244

An XPath Injection vulnerability in the J-Web component of Juniper Networks Junos OS allows an unauthenticated attacker sending a crafted POST to reach the XPath channel, which may allow chaining to other unspecified vulnerabilities, leading to a partial loss of confidentiality. This issue affects ...

5.3CVSS5.7AI score0.00858EPSS
CVE
CVE
added 2023/10/13 12:15 a.m.49 views

CVE-2023-44177

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This i...

5.5CVSS5.8AI score0.00058EPSS
CVE
CVE
added 2014/01/23 5:55 p.m.48 views

CVE-2013-7313

The OSPF implementation in Juniper Junos through 13.x, JunosE, and ScreenOS through 6.3.x does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial o...

5.4CVSS6.3AI score0.00937EPSS
CVE
CVE
added 2017/10/13 5:29 p.m.48 views

CVE-2017-10618

When the 'bgp-error-tolerance' feature â�" designed to help mitigate remote session resets from malformed path attributes â�" is enabled, a BGP UPDATE containing a specifically crafted set of transitive attributes can cause the RPD routing process to crash and restart. Devices with BGP enabled that...

5.9CVSS5.7AI score0.00295EPSS
CVE
CVE
added 2019/10/09 8:15 p.m.48 views

CVE-2019-0069

On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device auth...

5.9CVSS5.6AI score0.0002EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.48 views

CVE-2022-22234

An Improper Preservation of Consistency Between Independent Representations of Shared State vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). If the device is very busy for...

5.5CVSS5.3AI score0.00066EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.48 views

CVE-2023-28961

An Improper Handling of Unexpected Data Type vulnerability in IPv6 firewall filter processing of Juniper Networks Junos OS on the ACX Series devices will prevent a firewall filter with the term 'from next-header ah' from being properly installed in the packet forwarding engine (PFE). There is no im...

5.8CVSS5.4AI score0.00149EPSS
CVE
CVE
added 2017/10/13 5:29 p.m.47 views

CVE-2017-10613

A vulnerability in a specific loopback filter action command, processed in a specific logical order of operation, in a running configuration of Juniper Networks Junos OS, allows an attacker with CLI access and the ability to initiate remote sessions to the loopback interface with the defined action...

5.5CVSS5.5AI score0.00045EPSS
Total number of security vulnerabilities104