CVSS: 7.4EPSS: 0%CPEs: 173EXPL: 0CVE-2022-22163 – Junos OS: jdhcpd crashes upon receipt of a specific DHCPv6 packet
https://notcve.org/view.php?id=CVE-2022-22163
19 Jan 2022 — An Improper Input Validation vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial of Service (DoS). If a device is configured as DHCPv6 local server and persistent storage is enabled, jdhcpd will crash when receiving a specific DHCPv6 message. This issue affects: Juniper Networks Junos OS All versions prior to 15.1R7-S11; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19... • https://kb.juniper.net/JSA11271 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 204EXPL: 0CVE-2022-22162 – Junos OS: A low privileged user can elevate their privileges to the ones of the highest privileged j-web user logged in
https://notcve.org/view.php?id=CVE-2022-22162
19 Jan 2022 — A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to elevate these to the level of any other user logged in via J-Web at this time, potential leading to a full compromise of the device. This issue affects Juniper Networks Junos OS: All versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R... • https://kb.juniper.net/JSA11270 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 144EXPL: 0CVE-2022-22161 – Junos OS: MX104 might become unresponsive if the out-of-band management port receives a flood of traffic
https://notcve.org/view.php?id=CVE-2022-22161
19 Jan 2022 — An Uncontrolled Resource Consumption vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause 100% CPU load and the device to become unresponsive by sending a flood of traffic to the out-of-band management ethernet port. Continued receipted of a flood will create a sustained Denial of Service (DoS) condition. Once the flood subsides the system will recover by itself. An indication that the system is affected by this issue would be that an irq handled... • https://kb.juniper.net/JSA11269 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.4EPSS: 0%CPEs: 112EXPL: 1CVE-2022-22156 – Junos OS: Certificate validation is skipped when fetching system scripts from a HTTPS URL
https://notcve.org/view.php?id=CVE-2022-22156
19 Jan 2022 — An Improper Certificate Validation weakness in the Juniper Networks Junos OS allows an attacker to perform Person-in-the-Middle (PitM) attacks when a system script is fetched from a remote source at a specified HTTPS URL, which may compromise the integrity and confidentiality of the device. The following command can be executed by an administrator via the CLI to refresh a script from a remote location, which is affected from this vulnerability: >request system scripts refresh-from (commit | event | extensio... • https://kb.juniper.net/JSA11264 • CWE-295: Improper Certificate Validation CWE-300: Channel Accessible by Non-Endpoint CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 7.5EPSS: 0%CPEs: 104EXPL: 0CVE-2022-22153 – SRX Series and MX Series with SPC3: A high percentage of fragments might lead to high latency or packet drops
https://notcve.org/view.php?id=CVE-2022-22153
19 Jan 2022 — An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network attacker to cause latency in transit packet processing and even packet loss. If transit traffic includes a significant percentage (> 5%) of fragmented packets which need to be reassembled, high latency or packet drops might be observed. This issue af... • https://kb.juniper.net/JSA11261 • CWE-407: Inefficient Algorithmic Complexity CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.0EPSS: 0%CPEs: 132EXPL: 0CVE-2021-31372 – Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to root.
https://notcve.org/view.php?id=CVE-2021-31372
19 Oct 2021 — An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated J-Web attacker to escalate their privileges to root over the target device. This issue affects: Juniper Networks Junos OS All versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 ve... • https://kb.juniper.net/JSA11237 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0CVE-2021-31371 – Junos OS: QFX5000 Series: Traffic from the network internal to the device (128.0.0.0) may be forwarded to egress interfaces.
https://notcve.org/view.php?id=CVE-2021-31371
19 Oct 2021 — Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an QFX5000 Series switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet, leading to an information exposure vulnerability. This issue affects Juniper Networks Junos OS on QFX5110, QFX5120, QFX5200, QFX5210 Series, and QFX5100 with QFX 5e Series image installed: All versions prior to ... • https://kb.juniper.net/JSA11236 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 176EXPL: 0CVE-2021-31369 – Junos OS: MX Series: Traffic drops will be observed if MS-MPC/MS-PIC resources are consumed by certain traffic causing a partial DoS
https://notcve.org/view.php?id=CVE-2021-31369
19 Oct 2021 — On MX Series platforms with MS-MPC/MS-MIC, an Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated network attacker to cause a partial Denial of Service (DoS) with a high rate of specific traffic. If a Class of Service (CoS) rule is attached to the service-set and a high rate of specific traffic is processed by this service-set, for some of the other traffic which has services applied and is being processed by this MS-MPC/MS-MIC drops will... • https://kb.juniper.net/JSA11231 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 170EXPL: 0CVE-2021-31368 – Junos OS: EX2300 Series, EX3400 Series, and ACX710 might become unresponsive if the out-of-band management port receives a flood of traffic
https://notcve.org/view.php?id=CVE-2021-31368
19 Oct 2021 — An Uncontrolled Resource Consumption vulnerability in the kernel of Juniper Networks JUNOS OS allows an unauthenticated network based attacker to cause 100% CPU load and the device to become unresponsive by sending a flood of traffic to the out-of-band management ethernet port. Continued receipted of a flood will create a sustained Denial of Service (DoS) condition. Once the flood subsides the system will recover by itself. An indication that the system is affected by this issue would be that kernel and net... • https://kb.juniper.net/JSA11230 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 532EXPL: 0CVE-2021-31365 – Junos OS: EX2300, EX3400 and EX4300 Series: An Aggregated Ethernet (AE) interface will go down due to a stream of specific layer 2 frames
https://notcve.org/view.php?id=CVE-2021-31365
19 Oct 2021 — An Uncontrolled Resource Consumption vulnerability in Juniper Networks Junos OS on EX2300, EX3400 and EX4300 Series platforms allows an adjacent attacker sending a stream of layer 2 frames will trigger an Aggregated Ethernet (AE) interface to go down and thereby causing a Denial of Service (DoS). By continuously sending a stream of specific layer 2 frames an attacker will sustain the Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS EX4300 Series All versions prior to 15.1R7-S... • https://kb.juniper.net/JSA11227 • CWE-400: Uncontrolled Resource Consumption •