CVSS: 6.5EPSS: 0%CPEs: 109EXPL: 0CVE-2022-22172 – Junos OS and Junos OS Evolved: An l2cpd memory leak can occur when specific LLDP packets are received leading to a DoS
https://notcve.org/view.php?id=CVE-2022-22172
19 Jan 2022 — A Missing Release of Memory after Effective Lifetime vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a memory leak. Continued exploitation can lead to memory exhaustion and thereby a Denial of Service (DoS). This issue occurs when specific LLDP packets are received. The impact of the l2cpd cores is that if any of the stp protocols (rstp, mstp or vstp) is used then stp re-converges and traffic... • https://kb.juniper.net/JSA11278 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.9EPSS: 0%CPEs: 215EXPL: 0CVE-2022-22169 – Junos OS and Junos OS Evolved: OSPFv3 session might go into INIT state upon receipt of multiple crafted packets from a trusted neighbor device.
https://notcve.org/view.php?id=CVE-2022-22169
19 Jan 2022 — An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart (GR helper mode) even though there is not any Grace-LSA received in OSPFv3 causing a Denial of Service (DoS). Unexpectedly entering GR helper mode might cause the OSPFv3 neighbor adjacency formed on this interface to be stuck in the "INIT" s... • https://kb.juniper.net/JSA11276 • CWE-665: Improper Initialization •
CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 0CVE-2022-22164 – Junos OS Evolved: Telnet service may be enabled when it is expected to be disabled.
https://notcve.org/view.php?id=CVE-2022-22164
19 Jan 2022 — An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit operation for disabling the telnet service to not take effect as expected, resulting in the telnet service staying enabled. When it is not intended to be operating on the device, an administrator can issue the following command to verify whether telnet is operating in the background: user@device > show system connections | grep :23 tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN 20879/xinetd This issue affects: Juniper Netw... • https://kb.juniper.net/JSA11272 • CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2021-31358 – Junos OS Evolved: shell-injection vulnerabilities in evo_sftp UI wrapper script
https://notcve.org/view.php?id=CVE-2021-31358
19 Oct 2021 — A command injection vulnerability in sftp command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The vulnerability allows an attacker to bypass command authorization restrictions assigned to their specific user account and execute commands that are available to the privilege level for which the user is assigned. For example, a user t... • https://kb.juniper.net/JSA11221 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2021-31357 – Junos OS Evolved: shell-injection vulnerabilities in evo_tcpdump UI wrapper script
https://notcve.org/view.php?id=CVE-2021-31357
19 Oct 2021 — A command injection vulnerability in tcpdump command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The vulnerability allows an attacker to bypass command authorization restrictions assigned to their specific user account and execute commands that are available to the privilege level for which the user is assigned. For example, a use... • https://kb.juniper.net/JSA11221 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2021-31356 – Junos OS Evolved: Multiple shell-injection vulnerabilities in EVO UI wrapper scripts
https://notcve.org/view.php?id=CVE-2021-31356
19 Oct 2021 — A command injection vulnerability in command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The vulnerability allows an attacker to bypass command authorization restrictions assigned to their specific user account and execute commands that are available to the privilege level for which the user is assigned. For example, a user that i... • https://kb.juniper.net/JSA11221 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 89EXPL: 0CVE-2021-31354 – Junos OS and Junos OS Evolved: A vulnerability in the Juniper Agile License Client may allow an attacker to perform Remote Code Execution (RCE)
https://notcve.org/view.php?id=CVE-2021-31354
19 Oct 2021 — An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager) may allow an attacker to cause a partial Denial of Service (DoS), or lead to remote code execution (RCE). The vulnerability exists in the packet parsing logic on the client that processes the response from the server using a custom protocol. An attacker with control of a JAL Licens... • https://kb.juniper.net/JSA11219 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 1CVE-2021-31353 – Junos OS and Junos OS Evolved: RPD core upon receipt of specific BGP update
https://notcve.org/view.php?id=CVE-2021-31353
19 Oct 2021 — An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). Continued receipt and processing of the BGP update will create a sustained Denial of Service (DoS) condition. This issue affects very specific versions of Juniper Networks Junos OS: 19.3R3-S2; 19.4R3-S3; 20.2 versions 20.2R2-S3 and later, prior to... • https://kb.juniper.net/JSA11218 • CWE-755: Improper Handling of Exceptional Conditions •