CVSS: 10.0EPSS: 0%CPEs: 161EXPL: 0CVE-2022-22241 – Junos OS: Vulnerability in J-Web may allow deserialization without authentication
https://notcve.org/view.php?id=CVE-2022-22241
18 Oct 2022 — An Improper Input Validation vulnerability in the J-Web component of Juniper Networks Junos OS may allow an unauthenticated attacker to access data without proper authorization. Utilizing a crafted POST request, deserialization may occur which could lead to unauthorized local file access or the ability to execute arbitrary commands. This issue affects Juniper Networks Junos OS: all versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R2-... • https://kb.juniper.net/JSA69899 • CWE-20: Improper Input Validation CWE-502: Deserialization of Untrusted Data •
CVSS: 5.5EPSS: 0%CPEs: 89EXPL: 0CVE-2022-22240 – Junos OS and Junos OS Evolved: An rpd memory leak might be observed while running a specific cli command in a RIB sharding scenario
https://notcve.org/view.php?id=CVE-2022-22240
18 Oct 2022 — An Allocation of Resources Without Limits or Throttling and a Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated low privileged attacker to cause a Denial of Sevice (DoS). In a high-scaled BGP routing environment with rib-sharding enabled, two issues may occur when executing a specific CLI command. One is a memory leak issue with rpd where the leak rate is not constant, and the... • https://kb.juniper.net/JSA69896 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 147EXPL: 0CVE-2022-22238 – Junos OS and Junos OS Evolved: The rpd process will crash when a malformed incoming RESV message is processed
https://notcve.org/view.php?id=CVE-2022-22238
18 Oct 2022 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When an incoming RESV message corresponding to a protected LSP is malformed it causes an incorrect internal state resulting in an rpd core. This issue affects: Juniper Networks Junos OS All versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior t... • https://kb.juniper.net/JSA69894 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 89EXPL: 0CVE-2022-22235 – Junos OS: SRX Series: A flowd core will be observed when malformed GPRS traffic is processed
https://notcve.org/view.php?id=CVE-2022-22235
18 Oct 2022 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based, attacker to cause Denial of Service (DoS). A PFE crash will happen when a GPRS Tunnel Protocol (GTP) packet is received with a malformed field in the IP header of GTP encapsulated General Packet Radio Services (GPRS) traffic. The packet needs to match existing state which is outside the attackers control, so the issue... • https://kb.juniper.net/JSA69891 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 5.5EPSS: 0%CPEs: 184EXPL: 0CVE-2022-22234 – Junos OS: EX2300 and EX3400 Series: One of more SFPs might become unavailable when the system is very busy
https://notcve.org/view.php?id=CVE-2022-22234
18 Oct 2022 — An Improper Preservation of Consistency Between Independent Representations of Shared State vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). If the device is very busy for example while executing a series of show commands on the CLI one or more SFPs might not be detected anymore. The system then changes its state to "unplugged" which is leading to traffic impact and at least a part... • https://kb.juniper.net/JSA69890 • CWE-1250: Improper Preservation of Consistency Between Independent Representations of Shared State •
CVSS: 6.5EPSS: 0%CPEs: 181EXPL: 0CVE-2022-22230 – Junos OS and Junos OS Evolved: RPD crash upon receipt of specific OSPFv3 LSAs
https://notcve.org/view.php?id=CVE-2022-22230
18 Oct 2022 — An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause DoS (Denial of Service). If another router generates more than one specific valid OSPFv3 LSA then rpd will crash while processing these LSAs. This issue only affects systems configured with OSPFv3, while OSPFv2 is not affected. This issue affects: Juniper Networks Junos OS 19.2 versions prior to 19.2R3-S6; 19.3 version 19.3R2 a... • https://kb.juniper.net/JSA69884 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 274EXPL: 0CVE-2022-22226 – Junos OS: EX4300-MP, EX4600, QFX5000 Series: In VxLAN scenarios specific packets processed cause a memory leak leading to a PFE crash
https://notcve.org/view.php?id=CVE-2022-22226
18 Oct 2022 — In VxLAN scenarios on EX4300-MP, EX4600, QFX5000 Series devices an Uncontrolled Memory Allocation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated adjacently located attacker sending specific packets to cause a Denial of Service (DoS) condition by crashing one or more PFE's when they are received and processed by the device. Upon automatic restart of the PFE, continued processing of these packets will cause the memory leak to reappear. Depending on t... • https://kb.juniper.net/JSA69876 • CWE-770: Allocation of Resources Without Limits or Throttling CWE-789: Memory Allocation with Excessive Size Value •
CVSS: 5.9EPSS: 0%CPEs: 92EXPL: 0CVE-2022-22225 – Junos OS and Junos OS Evolved: In a BGP multipath scenario, when one of the contributing routes is flapping often and rapidly, rpd may crash
https://notcve.org/view.php?id=CVE-2022-22225
18 Oct 2022 — A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated attacker with an established BGP session to cause a Denial of Service (DoS). In a BGP multipath scenario, when one of the contributing routes is flapping often and rapidly, rpd may crash. As this crash depends on whether a route is a contributing route, and on the internal timing of the events triggered by the flap this vulnerabili... • https://kb.juniper.net/JSA69875 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.5EPSS: 0%CPEs: 125EXPL: 0CVE-2022-22224 – Junos OS and Junos OS Evolved: PPMD goes into infinite loop upon receipt of malformed OSPF TLV
https://notcve.org/view.php?id=CVE-2022-22224
18 Oct 2022 — An Improper Check or Handling of Exceptional Conditions vulnerability in the processing of a malformed OSPF TLV in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause the periodic packet management daemon (PPMD) process to go into an infinite loop, which in turn can cause protocols and functions reliant on PPMD such as OSPF neighbor reachability to be impacted, resulting in a sustained Denial of Service (DoS) condition. The DoS condition persists until the PPM... • https://kb.juniper.net/JSA69874 • CWE-703: Improper Check or Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 225EXPL: 1CVE-2022-22223 – Junos OS: QFX10000 Series: In IP/MPLS PHP node scenarios upon receipt of certain crafted packets multiple interfaces in LAG configurations may detach.
https://notcve.org/view.php?id=CVE-2022-22223
18 Oct 2022 — On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping (PHP) nodes with link aggregation group (LAG) interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packets to cause multiple interfaces in the LAG to detach causing a Denial of Service (DoS) condition. Continued receipt and processing of these packets will sustain the Denial of Service. This issue affects IPv4 and ... • https://kb.juniper.net/JSA69873 • CWE-20: Improper Input Validation CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •