CVSS: 7.5EPSS: 0%CPEs: 156EXPL: 0CVE-2022-22197 – Junos OS and Junos OS Evolved: An rpd core will be observed with proxy BGP route-target filtering enabled and certain route add and delete event happening
https://notcve.org/view.php?id=CVE-2022-22197
14 Apr 2022 — An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service (DoS). This issue occurs when proxy-generate route-target filtering is enabled, and certain proxy-route add and delete events are happening. This issue affects: Juniper Networks Junos OS All versions prior to 17.3R3-S11; 17.4 versions prior to 17... • https://kb.juniper.net/JSA69511 • CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 6.5EPSS: 0%CPEs: 82EXPL: 0CVE-2022-22196 – Junos OS and Junos OS Evolved: The rpd CPU spikes to 100% after a malformed ISIS TLV has been received
https://notcve.org/view.php?id=CVE-2022-22196
14 Apr 2022 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker with an established ISIS adjacency to cause a Denial of Service (DoS). The rpd CPU spikes to 100% after a malformed ISIS TLV has been received which will lead to processing issues of routing updates and in turn traffic impact. This issue affects: Juniper Networks Junos OS 19.3 versions prior to 19.3R3-S4; 19.... • https://kb.juniper.net/JSA69509 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2022-22195 – Junos OS Evolved: Specific packets reaching the RE lead to a counter overflow and eventually a crash
https://notcve.org/view.php?id=CVE-2022-22195
14 Apr 2022 — An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service (DoS). This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S1-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS. Una vulnerabilidad de Actualizac... • https://kb.juniper.net/JSA69508 • CWE-911: Improper Update of Reference Count •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2022-22194 – Junos OS Evolved: PTX series: An attacker sending a crafted GRE packet will cause the PFE to restart
https://notcve.org/view.php?id=CVE-2022-22194
14 Apr 2022 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the packetIO daemon of Juniper Networks Junos OS Evolved on PTX10003, PTX10004, and PTX10008 allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). Continued receipt of these crafted packets will cause a sustained Denial of Service condition. This issue affects Juniper Networks Junos OS Evolved all versions prior to 20.4R2-S3-EVO on PTX10003, PTX10004, and PTX10008. This issue does not affect: Juniper Net... • https://kb.juniper.net/JSA69505 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 0CVE-2022-22193 – Junos OS and Junos OS Evolved: In a BGP rib-sharding scenario when a certain CLI command is executed the rpd process might crash
https://notcve.org/view.php?id=CVE-2022-22193
14 Apr 2022 — An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). Continued execution of this command might cause a sustained Denial of Service condition. If BGP rib sharding is configured and a certain CLI command is executed the rpd process can crash. During the rpd crash and restart, the routing protocols might be impacted and traf... • https://kb.juniper.net/JSA69503 • CWE-241: Improper Handling of Unexpected Data Type •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2022-22183 – Junos OS Evolved: A remote attacker may cause a CPU Denial of Service by sending genuine traffic to a device on a specific IPv4 port.
https://notcve.org/view.php?id=CVE-2022-22183
14 Apr 2022 — An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Ju... • https://kb.juniper.net/JSA69516 • CWE-16: Configuration CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 109EXPL: 0CVE-2022-22172 – Junos OS and Junos OS Evolved: An l2cpd memory leak can occur when specific LLDP packets are received leading to a DoS
https://notcve.org/view.php?id=CVE-2022-22172
19 Jan 2022 — A Missing Release of Memory after Effective Lifetime vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a memory leak. Continued exploitation can lead to memory exhaustion and thereby a Denial of Service (DoS). This issue occurs when specific LLDP packets are received. The impact of the l2cpd cores is that if any of the stp protocols (rstp, mstp or vstp) is used then stp re-converges and traffic... • https://kb.juniper.net/JSA11278 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.9EPSS: 0%CPEs: 215EXPL: 0CVE-2022-22169 – Junos OS and Junos OS Evolved: OSPFv3 session might go into INIT state upon receipt of multiple crafted packets from a trusted neighbor device.
https://notcve.org/view.php?id=CVE-2022-22169
19 Jan 2022 — An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart (GR helper mode) even though there is not any Grace-LSA received in OSPFv3 causing a Denial of Service (DoS). Unexpectedly entering GR helper mode might cause the OSPFv3 neighbor adjacency formed on this interface to be stuck in the "INIT" s... • https://kb.juniper.net/JSA11276 • CWE-665: Improper Initialization •
CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 0CVE-2022-22164 – Junos OS Evolved: Telnet service may be enabled when it is expected to be disabled.
https://notcve.org/view.php?id=CVE-2022-22164
19 Jan 2022 — An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit operation for disabling the telnet service to not take effect as expected, resulting in the telnet service staying enabled. When it is not intended to be operating on the device, an administrator can issue the following command to verify whether telnet is operating in the background: user@device > show system connections | grep :23 tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN 20879/xinetd This issue affects: Juniper Netw... • https://kb.juniper.net/JSA11272 • CWE-665: Improper Initialization •
CVSS: 7.5EPSS: 0%CPEs: 69EXPL: 0CVE-2021-31383 – Junos OS and Junos OS Evolved: In Point to MultiPoint (P2MP) scenarios receipt of various crafted packets causes RPD to core.
https://notcve.org/view.php?id=CVE-2021-31383
19 Oct 2021 — In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved sent by a remote unauthenticated network attacker causes the RPD to crash causing a Denial of Service (DoS). Continued receipt and processing of these packets will create a... • https://kb.juniper.net/JSA11251 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •