CVSS: 8.2EPSS: 0%CPEs: 16EXPL: 0CVE-2025-21598 – Junos OS and Junos OS Evolved: When BGP traceoptions are configured, receipt of malformed BGP packets causes RPD to crash
https://notcve.org/view.php?id=CVE-2025-21598
09 Jan 2025 — An Out-of-bounds Read vulnerability in Juniper Networks Junos OS and Junos OS Evolved's routing protocol daemon (rpd) allows an unauthenticated, network-based attacker to send malformed BGP packets to a device configured with packet receive trace options enabled to crash rpd. This issue affects: Junos OS: * from 21.2R3-S8 before 21.2R3-S9, * from 21.4R3-S7 before 21.4R3-S9, * from 22.2R3-S4 before 22.2R3-S5, * from 22.3R3-S2 before 22.3R3-S4, * from 22.4R3 before 22.4R3-S5, * from 23.2R2 before 23.2R2-S2, *... • https://supportportal.juniper.net/JSA92867 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0CVE-2025-21600 – Junos OS and Junos OS Evolved: With certain BGP options enabled, receipt of specifically malformed BGP update causes RPD crash
https://notcve.org/view.php?id=CVE-2025-21600
09 Jan 2025 — An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, logically adjacent BGP peer sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems configured in either of two ways: * systems with BGP traceoptions enabled * ... • https://supportportal.juniper.net/JSA92870 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0CVE-2025-21602 – Junos OS and Junos OS Evolved: Receipt of specially crafted BGP update packet causes RPD crash
https://notcve.org/view.php?id=CVE-2025-21602
09 Jan 2025 — An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker sending a specific BGP update packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continuous receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects iBGP and eBGP, and both IPv4 and IPv6 are affected by this vulnerability. This is... • https://supportportal.juniper.net/JSA92872 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-21596 – Junos OS: SRX1500,SRX4100,SRX4200: Execution of low-privileged CLI command results in chassisd crash
https://notcve.org/view.php?id=CVE-2025-21596
09 Jan 2025 — An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of Juniper Networks Junos OS on SRX1500, SRX4100, and SRX4200 devices allows a local, low-privileged authenticated attacker executing the 'show chassis environment pem' command to cause the chassis daemon (chassisd) to crash and restart, resulting in a temporary Denial of Service (DoS). However, repeated execution of this command will eventually cause the chassisd process to fail to restart, impacting packet processi... • https://supportportal.juniper.net/JSA92864 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2025-21593 – Junos OS and Junos OS Evolved: On SRv6 enabled devices, an attacker sending a malformed BGP update can cause the rpd to crash
https://notcve.org/view.php?id=CVE-2025-21593
09 Jan 2025 — An Improper Control of a Resource Through its Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial-of-Service (DoS). On devices with SRv6 (Segment Routing over IPv6) enabled, an attacker can send a malformed BGP UPDATE packet which will cause the rpd to crash and restart. Continued receipt of these UPDATE packets will cause a sustained DoS condition. This issue affects iBGP and eBGP, a... • https://supportportal.juniper.net/JSA92861 • CWE-664: Improper Control of a Resource Through its Lifetime •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-21592 – Junos OS: SRX Series: Low privileged user able to access highly sensitive information on file system
https://notcve.org/view.php?id=CVE-2025-21592
09 Jan 2025 — An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line interface (CLI) of Juniper Networks Junos OS on SRX Series devices allows a local, low-privileged user with access to the Junos CLI to view the contents of sensitive files on the file system. Through the execution of either 'show services advanced-anti-malware' or 'show services security-intelligence' command, a user with limited permissions (e.g., a low privilege login class user) can access protected files that... • https://supportportal.juniper.net/JSA92860 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0CVE-2024-47507 – Junos OS and Junos OS Evolved: BGP update message containing aggregator attribute with an ASN value of zero (0) is accepted
https://notcve.org/view.php?id=CVE-2024-47507
11 Oct 2024 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an integrity impact to the downstream devices. When a peer sends a BGP update message which contains the aggregator attribute with an ASN value of zero (0), rpd accepts and propagates this attribute, which can cause issues for downstream BGP peers receiving this. This issue affects: Junos OS: * ... • https://supportportal.juniper.net/JSA88138 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 8.2EPSS: 0%CPEs: 5EXPL: 0CVE-2024-47506 – Junos OS: SRX Series: A large amount of traffic being processed by ATP Cloud can lead to a PFE crash
https://notcve.org/view.php?id=CVE-2024-47506
11 Oct 2024 — A Deadlock vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a large amount of traffic is processed by ATP Cloud inspection, a deadlock can occur which will result in a PFE crash and restart. Whether the crash occurs, depends on system internal timing that is outside the attackers control. This issue affects Junos OS on SRX Series: * All versions before 21.3R3-S1, * 21.4 ve... • https://supportportal.juniper.net/JSA88137 • CWE-833: Deadlock •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-47503 – Junos OS: SRX4600 and SRX5000 Series: Sequence of specific PIM packets causes a flowd crash
https://notcve.org/view.php?id=CVE-2024-47503
11 Oct 2024 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an unauthenticated and logically adjacent attacker to cause a Denial-of-Service (DoS). If in a multicast scenario a sequence of specific PIM packets is received, this will cause a flowd crash and restart, which leads to momentary service interruption. This issue affects Junos OS on SRX 4600 and SRX 5000 Series: * All versions before 21.... • https://supportportal.juniper.net/JSA88133 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 8.7EPSS: 0%CPEs: 16EXPL: 0CVE-2024-47499 – Junos OS and Junos OS Evolved: In a BMP scenario receipt of a malformed AS PATH attribute can cause an RPD crash
https://notcve.org/view.php?id=CVE-2024-47499
11 Oct 2024 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). In a scenario where BGP Monitoring Protocol (BMP) is configured with rib-in pre-policy monitoring, receiving a BGP update with a specifically malformed AS PATH attribute over an established BGP session, can cause an RPD crash and restart. This issue affects: Junos OS: ... • https://supportportal.juniper.net/JSA88129 • CWE-754: Improper Check for Unusual or Exceptional Conditions •