CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0CVE-2022-22192 – Junos OS Evolved: PTX Series: An attacker can cause a kernel panic by sending a malformed TCP packet to the device
https://notcve.org/view.php?id=CVE-2022-22192
18 Oct 2022 — An Improper Validation of Syntactic Correctness of Input vulnerability in the kernel of Juniper Networks Junos OS Evolved on PTX series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). When an incoming TCP packet destined to the device is malformed there is a possibility of a kernel panic. Only TCP packets destined to the ports for BGP, LDP and MSDP can trigger this. This issue only affects PTX10004, PTX10008, PTX10016. No other PTX Series devices or other platforms are a... • https://kb.juniper.net/JSA69915 • CWE-20: Improper Input Validation CWE-1286: Improper Validation of Syntactic Correctness of Input •
CVSS: 6.5EPSS: 0%CPEs: 142EXPL: 1CVE-2022-22215 – Junos OS and Junos OS Evolved: /var/run/<pid>.env files are potentially not deleted during termination of a gRPC connection causing inode exhaustion
https://notcve.org/view.php?id=CVE-2022-22215
20 Jul 2022 — A Missing Release of File Descriptor or Handle after Effective Lifetime vulnerability in plugable authentication module (PAM) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). It is possible that after the termination of a gRPC connection the respective/var/run/
CVSS: 6.5EPSS: 0%CPEs: 260EXPL: 0CVE-2022-22214 – Junos OS and Junos OS Evolved: In an MPLS scenario upon receipt of a specific IPv6 packet an FPC will crash
https://notcve.org/view.php?id=CVE-2022-22214
20 Jul 2022 — An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent attacker to cause a PFE crash and thereby a Denial of Service (DoS). An FPC will crash and reboot after receiving a specific transit IPv6 packet over MPLS. Continued receipt of this packet will create a sustained Denial of Service (DoS) condition. This issue does not affect systems configured for IPv4 only. This issue affects: Juniper Networks Junos OS All ver... • https://kb.juniper.net/JSA69718 • CWE-20: Improper Input Validation •
CVSS: 5.9EPSS: 0%CPEs: 41EXPL: 0CVE-2022-22213 – Junos OS and Junos OS Evolved: Denial of Service (DoS) vulnerability in RPD upon receipt of specific BGP update
https://notcve.org/view.php?id=CVE-2022-22213
20 Jul 2022 — A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to crash the RPD process by sending a specific BGP update while the system is under heavy load, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Malicious exploitation of this issue requires a very specific combination of... • https://kb.juniper.net/JSA69717 • CWE-232: Improper Handling of Undefined Values •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2022-22212 – Junos OS Evolved: A high rate of specific hostbound traffic will cause unexpected hostbound traffic delays or drops
https://notcve.org/view.php?id=CVE-2022-22212
20 Jul 2022 — An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows unauthenticated network based attacker to cause a Denial of Service (DoS). On all Junos Evolved platforms hostbound protocols will be impacted by a high rate of specific hostbound traffic from ports on a PFE. Continued receipt of this amount of traffic will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS Evo... • https://kb.juniper.net/JSA69716 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 82EXPL: 0CVE-2022-22196 – Junos OS and Junos OS Evolved: The rpd CPU spikes to 100% after a malformed ISIS TLV has been received
https://notcve.org/view.php?id=CVE-2022-22196
14 Apr 2022 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker with an established ISIS adjacency to cause a Denial of Service (DoS). The rpd CPU spikes to 100% after a malformed ISIS TLV has been received which will lead to processing issues of routing updates and in turn traffic impact. This issue affects: Juniper Networks Junos OS 19.3 versions prior to 19.3R3-S4; 19.... • https://kb.juniper.net/JSA69509 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2022-22195 – Junos OS Evolved: Specific packets reaching the RE lead to a counter overflow and eventually a crash
https://notcve.org/view.php?id=CVE-2022-22195
14 Apr 2022 — An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service (DoS). This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S1-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS. Una vulnerabilidad de Actualizac... • https://kb.juniper.net/JSA69508 • CWE-911: Improper Update of Reference Count •
CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 0CVE-2022-22193 – Junos OS and Junos OS Evolved: In a BGP rib-sharding scenario when a certain CLI command is executed the rpd process might crash
https://notcve.org/view.php?id=CVE-2022-22193
14 Apr 2022 — An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). Continued execution of this command might cause a sustained Denial of Service condition. If BGP rib sharding is configured and a certain CLI command is executed the rpd process can crash. During the rpd crash and restart, the routing protocols might be impacted and traf... • https://kb.juniper.net/JSA69503 • CWE-241: Improper Handling of Unexpected Data Type •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2022-22183 – Junos OS Evolved: A remote attacker may cause a CPU Denial of Service by sending genuine traffic to a device on a specific IPv4 port.
https://notcve.org/view.php?id=CVE-2022-22183
14 Apr 2022 — An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Ju... • https://kb.juniper.net/JSA69516 • CWE-16: Configuration CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 236EXPL: 0CVE-2022-22177 – Junos OS and Junos OS Evolved: After receiving a specific number of crafted packets snmpd will segmentation fault (SIGSEGV) requiring a manual restart.
https://notcve.org/view.php?id=CVE-2022-22177
19 Jan 2022 — A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daemon causing a sustained Denial of Service (DoS) to the service until it is manually restarted. This issue impacts any version of SNMP – v1,v2, v3 This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S20; 15.1 versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior ... • https://kb.juniper.net/JSA11283 • CWE-755: Improper Handling of Exceptional Conditions •