CVSS: 7.5EPSS: 0%CPEs: 170EXPL: 0CVE-2021-31374 – Junos OS and Junos OS Evolved: RPD crash while processing a specially crafted BGP UPDATE or KEEPALIVE message.
https://notcve.org/view.php?id=CVE-2021-31374
19 Oct 2021 — On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE or KEEPALIVE message can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this message will create a sustained Denial of Service (DoS) condition. This issue affects both IBGP and EBGP deployments over IPv4 or IPv6. This issue affects: Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, ... • https://kb.juniper.net/JSA11239 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 47EXPL: 0CVE-2021-31363 – Junos OS and Junos OS Evolved: Receipt of a specific LDP message will cause a Denial of Service
https://notcve.org/view.php?id=CVE-2021-31363
19 Oct 2021 — In an MPLS P2MP environment a Loop with Unreachable Exit Condition vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause high load on RPD which in turn may lead to routing protocol flaps. If a system with sensor-based-stats enabled receives a specific LDP FEC this can lead to the above condition. Continued receipted of such an LDP FEC will create a sustained Denial of Service (DoS) condition. This issue affec... • https://kb.juniper.net/JSA11225 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 0%CPEs: 152EXPL: 0CVE-2021-31362 – Junos OS and Junos OS Evolved: An IS-IS adjacency might be taken down if a bad hello PDU is received for an existing adjacency causing a DoS
https://notcve.org/view.php?id=CVE-2021-31362
19 Oct 2021 — A Protection Mechanism Failure vulnerability in RPD (routing protocol daemon) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause established IS-IS adjacencies to go down by sending a spoofed hello PDU leading to a Denial of Service (DoS) condition. Continued receipted of these spoofed PDUs will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS All versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S... • https://kb.juniper.net/JSA11224 • CWE-693: Protection Mechanism Failure •
CVSS: 7.1EPSS: 0%CPEs: 221EXPL: 0CVE-2021-31360 – Junos OS and Junos OS Evolved: Denial of Service vulnerability in local file processing
https://notcve.org/view.php?id=CVE-2021-31360
19 Oct 2021 — An improper privilege management vulnerability in the Juniper Networks Junos OS and Junos OS Evolved command-line interpreter (CLI) allows a low-privileged user to overwrite local files as root, possibly leading to a system integrity issue or Denial of Service (DoS). Depending on the files overwritten, exploitation of this vulnerability could lead to a sustained Denial of Service (DoS) condition, requiring manual user intervention to recover. Systems are only vulnerable if jdhcpd is running, which can be co... • https://kb.juniper.net/JSA11222 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 221EXPL: 0CVE-2021-31359 – Junos OS and Junos OS Evolved: Local Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2021-31359
19 Oct 2021 — A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to cause the Juniper DHCP daemon (jdhcpd) process to crash, resulting in a Denial of Service (DoS), or execute arbitrary commands as root. Continued processing of malicious input will repeatedly crash the system and sustain the Denial of Service (DoS) condition. Systems are only vulnerable if jdhcpd is running, which can be confirmed via the 'show system processes' command. For ex... • https://kb.juniper.net/JSA11222 • CWE-121: Stack-based Buffer Overflow CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2021-31358 – Junos OS Evolved: shell-injection vulnerabilities in evo_sftp UI wrapper script
https://notcve.org/view.php?id=CVE-2021-31358
19 Oct 2021 — A command injection vulnerability in sftp command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The vulnerability allows an attacker to bypass command authorization restrictions assigned to their specific user account and execute commands that are available to the privilege level for which the user is assigned. For example, a user t... • https://kb.juniper.net/JSA11221 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2021-31357 – Junos OS Evolved: shell-injection vulnerabilities in evo_tcpdump UI wrapper script
https://notcve.org/view.php?id=CVE-2021-31357
19 Oct 2021 — A command injection vulnerability in tcpdump command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The vulnerability allows an attacker to bypass command authorization restrictions assigned to their specific user account and execute commands that are available to the privilege level for which the user is assigned. For example, a use... • https://kb.juniper.net/JSA11221 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2021-31356 – Junos OS Evolved: Multiple shell-injection vulnerabilities in EVO UI wrapper scripts
https://notcve.org/view.php?id=CVE-2021-31356
19 Oct 2021 — A command injection vulnerability in command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The vulnerability allows an attacker to bypass command authorization restrictions assigned to their specific user account and execute commands that are available to the privilege level for which the user is assigned. For example, a user that i... • https://kb.juniper.net/JSA11221 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 89EXPL: 0CVE-2021-31354 – Junos OS and Junos OS Evolved: A vulnerability in the Juniper Agile License Client may allow an attacker to perform Remote Code Execution (RCE)
https://notcve.org/view.php?id=CVE-2021-31354
19 Oct 2021 — An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager) may allow an attacker to cause a partial Denial of Service (DoS), or lead to remote code execution (RCE). The vulnerability exists in the packet parsing logic on the client that processes the response from the server using a custom protocol. An attacker with control of a JAL Licens... • https://kb.juniper.net/JSA11219 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 1CVE-2021-31353 – Junos OS and Junos OS Evolved: RPD core upon receipt of specific BGP update
https://notcve.org/view.php?id=CVE-2021-31353
19 Oct 2021 — An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). Continued receipt and processing of the BGP update will create a sustained Denial of Service (DoS) condition. This issue affects very specific versions of Juniper Networks Junos OS: 19.3R3-S2; 19.4R3-S3; 20.2 versions 20.2R2-S3 and later, prior to... • https://kb.juniper.net/JSA11218 • CWE-755: Improper Handling of Exceptional Conditions •