CVSS: 7.8EPSS: 0%CPEs: 66EXPL: 0CVE-2023-28982 – Junos OS and Junos OS Evolved: In a BGP rib sharding scenario when a route is frequently updated an rpd memory leak will occur
https://notcve.org/view.php?id=CVE-2023-28982
17 Apr 2023 — A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). In a BGP rib sharding scenario, when an attribute of an active BGP route is updated memory will leak. As rpd memory usage increases over time the rpd process will eventually run out of memory, crash, and restart. The memory utilization can be monitored with the following CLI co... • https://supportportal.juniper.net/JSA70608 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.0EPSS: 0%CPEs: 11EXPL: 0CVE-2023-28983 – Junos OS Evolved: Shell Injection vulnerability in the gNOI server
https://notcve.org/view.php?id=CVE-2023-28983
17 Apr 2023 — An OS Command Injection vulnerability in gRPC Network Operations Interface (gNOI) server module of Juniper Networks Junos OS Evolved allows an authenticated, low privileged, network based attacker to inject shell commands and execute code. This issue affects Juniper Networks Junos OS Evolved 21.4 version 21.4R1-EVO and later versions prior to 22.1R1-EVO. • https://supportportal.juniper.net/JSA70609 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.1EPSS: 0%CPEs: 31EXPL: 0CVE-2023-22397 – Junos OS Evolved: PTX10003: An attacker sending specific genuine packets will cause a memory leak in the PFE leading to a Denial of Service
https://notcve.org/view.php?id=CVE-2023-22397
12 Jan 2023 — An Allocation of Resources Without Limits or Throttling weakness in the memory management of the Packet Forwarding Engine (PFE) on Juniper Networks Junos OS Evolved PTX10003 Series devices allows an adjacently located attacker who has established certain preconditions and knowledge of the environment to send certain specific genuine packets to begin a Time-of-check Time-of-use (TOCTOU) Race Condition attack which will cause a memory leak to begin. Once this condition begins, and as long as the attacker is a... • https://kb.juniper.net/JSA70193 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 104EXPL: 0CVE-2023-22407 – Junos OS and Junos OS Evolved: An RPD crash can happen due to an MPLS TE tunnel configuration change on a directly connected router
https://notcve.org/view.php?id=CVE-2023-22407
12 Jan 2023 — An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). An rpd crash can occur when an MPLS TE tunnel configuration change occurs on a directly connected router. This issue affects: Juniper Networks Junos OS All versions prior to 18.4R2-S7; 19.1 versions prior to 19.1R3-S2; 19.2 versions prior to 19.2R3; 19.3 versions prior to 19.3R3; 19.4 versions prior to 19.4... • https://kb.juniper.net/JSA70203 • CWE-459: Incomplete Cleanup •
CVSS: 5.9EPSS: 0%CPEs: 14EXPL: 0CVE-2023-22402 – Junos OS Evolved: The kernel might restart in a BGP scenario where "bgp auto-discovery" is enabled and such a neighbor flaps
https://notcve.org/view.php?id=CVE-2023-22402
12 Jan 2023 — A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). In a Non Stop Routing (NSR) scenario, an unexpected kernel restart might be observed if "bgp auto-discovery" is enabled and if there is a BGP neighbor flap of auto-discovery sessions for any reason. This is a race condition which is outside of an attackers direct control and it depends on system internal timing whether this issue occurs. This... • https://kb.juniper.net/JSA70198 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 130EXPL: 0CVE-2023-22406 – Junos OS and Junos OS Evolved: A memory leak which will ultimately lead to an rpd crash will be observed when a peer interface flaps continuously in a Segment Routing scenario using OSPF
https://notcve.org/view.php?id=CVE-2023-22406
12 Jan 2023 — A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). In a segment-routing scenario with OSPF as IGP, when a peer interface continuously flaps, next-hop churn will happen and a continuous increase in Routing Protocol Daemon (rpd) memory consumption will be observed. This will eventually lead to an rpd crash and restart when the memory is full. The memo... • https://kb.juniper.net/JSA70202 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 193EXPL: 0CVE-2023-22398 – Junos OS and Junos OS Evolved: RPD might crash when MPLS ping is performed on BGP LSPs
https://notcve.org/view.php?id=CVE-2023-22398
12 Jan 2023 — An Access of Uninitialized Pointer vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). When an MPLS ping is performed on BGP LSPs, the RPD might crash. Repeated execution of this operation will lead to a sustained DoS. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S12; 19.1 versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R1-S9... • https://kb.juniper.net/JSA70181 • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2023-22401 – Junos OS and Junos OS Evolved: PTX10008, PTX10016: When a specific SNMP MIB is queried the FPC will crash
https://notcve.org/view.php?id=CVE-2023-22401
12 Jan 2023 — An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemon (aftmand) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On the PTX10008 and PTX10016 platforms running Junos OS or Junos OS Evolved, when a specific SNMP MIB is queried this will cause a PFE crash and the FPC will go offline and not automatically recover. A system restart is required to get the affected FPC in an opera... • https://kb.juniper.net/JSA70197 • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 37EXPL: 0CVE-2023-22400 – Junos OS Evolved: A specific SNMP GET operation and a specific CLI commands cause resources to leak and eventually the evo-pfemand process will crash
https://notcve.org/view.php?id=CVE-2023-22400
12 Jan 2023 — An Uncontrolled Resource Consumption vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS). When a specific SNMP GET operation or a specific CLI command is executed this will cause a GUID resource leak, eventually leading to exhaustion and result in an FPC crash and reboot. GUID exhaustion will trigger a syslog message like one of the following for example: evo... • https://kb.juniper.net/JSA70196 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 47EXPL: 0CVE-2023-22393 – Junos OS and Junos OS Evolved: RPD crash upon receipt of BGP route with invalid next-hop
https://notcve.org/view.php?id=CVE-2023-22393
12 Jan 2023 — An Improper Check for Unusual or Exceptional Conditions vulnerability in BGP route processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to cause Routing Protocol Daemon (RPD) crash by sending a BGP route with invalid next-hop resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems without import policy configured. This issue affects: Juniper Networks Junos OS ... • https://kb.juniper.net/JSA70189 • CWE-358: Improperly Implemented Security Check for Standard CWE-754: Improper Check for Unusual or Exceptional Conditions •