CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2022-22195 – Junos OS Evolved: Specific packets reaching the RE lead to a counter overflow and eventually a crash
https://notcve.org/view.php?id=CVE-2022-22195
14 Apr 2022 — An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service (DoS). This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S1-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS. Una vulnerabilidad de Actualizac... • https://kb.juniper.net/JSA69508 • CWE-911: Improper Update of Reference Count •
CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 0CVE-2022-22193 – Junos OS and Junos OS Evolved: In a BGP rib-sharding scenario when a certain CLI command is executed the rpd process might crash
https://notcve.org/view.php?id=CVE-2022-22193
14 Apr 2022 — An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). Continued execution of this command might cause a sustained Denial of Service condition. If BGP rib sharding is configured and a certain CLI command is executed the rpd process can crash. During the rpd crash and restart, the routing protocols might be impacted and traf... • https://kb.juniper.net/JSA69503 • CWE-241: Improper Handling of Unexpected Data Type •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2022-22183 – Junos OS Evolved: A remote attacker may cause a CPU Denial of Service by sending genuine traffic to a device on a specific IPv4 port.
https://notcve.org/view.php?id=CVE-2022-22183
14 Apr 2022 — An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Ju... • https://kb.juniper.net/JSA69516 • CWE-16: Configuration CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 236EXPL: 0CVE-2022-22177 – Junos OS and Junos OS Evolved: After receiving a specific number of crafted packets snmpd will segmentation fault (SIGSEGV) requiring a manual restart.
https://notcve.org/view.php?id=CVE-2022-22177
19 Jan 2022 — A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daemon causing a sustained Denial of Service (DoS) to the service until it is manually restarted. This issue impacts any version of SNMP – v1,v2, v3 This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S20; 15.1 versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior ... • https://kb.juniper.net/JSA11283 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.5EPSS: 0%CPEs: 109EXPL: 0CVE-2022-22172 – Junos OS and Junos OS Evolved: An l2cpd memory leak can occur when specific LLDP packets are received leading to a DoS
https://notcve.org/view.php?id=CVE-2022-22172
19 Jan 2022 — A Missing Release of Memory after Effective Lifetime vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a memory leak. Continued exploitation can lead to memory exhaustion and thereby a Denial of Service (DoS). This issue occurs when specific LLDP packets are received. The impact of the l2cpd cores is that if any of the stp protocols (rstp, mstp or vstp) is used then stp re-converges and traffic... • https://kb.juniper.net/JSA11278 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.9EPSS: 0%CPEs: 215EXPL: 0CVE-2022-22169 – Junos OS and Junos OS Evolved: OSPFv3 session might go into INIT state upon receipt of multiple crafted packets from a trusted neighbor device.
https://notcve.org/view.php?id=CVE-2022-22169
19 Jan 2022 — An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart (GR helper mode) even though there is not any Grace-LSA received in OSPFv3 causing a Denial of Service (DoS). Unexpectedly entering GR helper mode might cause the OSPFv3 neighbor adjacency formed on this interface to be stuck in the "INIT" s... • https://kb.juniper.net/JSA11276 • CWE-665: Improper Initialization •
CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 0CVE-2022-22164 – Junos OS Evolved: Telnet service may be enabled when it is expected to be disabled.
https://notcve.org/view.php?id=CVE-2022-22164
19 Jan 2022 — An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit operation for disabling the telnet service to not take effect as expected, resulting in the telnet service staying enabled. When it is not intended to be operating on the device, an administrator can issue the following command to verify whether telnet is operating in the background: user@device > show system connections | grep :23 tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN 20879/xinetd This issue affects: Juniper Netw... • https://kb.juniper.net/JSA11272 • CWE-665: Improper Initialization •
CVSS: 6.5EPSS: 0%CPEs: 152EXPL: 0CVE-2021-31362 – Junos OS and Junos OS Evolved: An IS-IS adjacency might be taken down if a bad hello PDU is received for an existing adjacency causing a DoS
https://notcve.org/view.php?id=CVE-2021-31362
19 Oct 2021 — A Protection Mechanism Failure vulnerability in RPD (routing protocol daemon) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause established IS-IS adjacencies to go down by sending a spoofed hello PDU leading to a Denial of Service (DoS) condition. Continued receipted of these spoofed PDUs will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS All versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S... • https://kb.juniper.net/JSA11224 • CWE-693: Protection Mechanism Failure •
CVSS: 7.1EPSS: 0%CPEs: 221EXPL: 0CVE-2021-31360 – Junos OS and Junos OS Evolved: Denial of Service vulnerability in local file processing
https://notcve.org/view.php?id=CVE-2021-31360
19 Oct 2021 — An improper privilege management vulnerability in the Juniper Networks Junos OS and Junos OS Evolved command-line interpreter (CLI) allows a low-privileged user to overwrite local files as root, possibly leading to a system integrity issue or Denial of Service (DoS). Depending on the files overwritten, exploitation of this vulnerability could lead to a sustained Denial of Service (DoS) condition, requiring manual user intervention to recover. Systems are only vulnerable if jdhcpd is running, which can be co... • https://kb.juniper.net/JSA11222 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 221EXPL: 0CVE-2021-31359 – Junos OS and Junos OS Evolved: Local Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2021-31359
19 Oct 2021 — A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to cause the Juniper DHCP daemon (jdhcpd) process to crash, resulting in a Denial of Service (DoS), or execute arbitrary commands as root. Continued processing of malicious input will repeatedly crash the system and sustain the Denial of Service (DoS) condition. Systems are only vulnerable if jdhcpd is running, which can be confirmed via the 'show system processes' command. For ex... • https://kb.juniper.net/JSA11222 • CWE-121: Stack-based Buffer Overflow CWE-269: Improper Privilege Management •