CVSS: 7.5EPSS: 0%CPEs: 170EXPL: 0CVE-2021-31374 – Junos OS and Junos OS Evolved: RPD crash while processing a specially crafted BGP UPDATE or KEEPALIVE message.
https://notcve.org/view.php?id=CVE-2021-31374
19 Oct 2021 — On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE or KEEPALIVE message can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this message will create a sustained Denial of Service (DoS) condition. This issue affects both IBGP and EBGP deployments over IPv4 or IPv6. This issue affects: Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, ... • https://kb.juniper.net/JSA11239 • CWE-787: Out-of-bounds Write •
CVSS: 8.0EPSS: 0%CPEs: 166EXPL: 0CVE-2021-31373 – Junos OS: SRX Series: Persistent XSS vulnerability in J-Web
https://notcve.org/view.php?id=CVE-2021-31373
19 Oct 2021 — A persistent Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos OS on SRX Series, J-Web interface may allow a remote authenticated user to inject persistent and malicious scripts. An attacker can exploit this vulnerability to steal sensitive data and credentials from a web administration session, or hijack another user's active session to perform administrative actions. This issue affects: Juniper Networks Junos OS on SRX Series: 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R... • https://kb.juniper.net/JSA11238 • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 132EXPL: 0CVE-2021-31372 – Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to root.
https://notcve.org/view.php?id=CVE-2021-31372
19 Oct 2021 — An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated J-Web attacker to escalate their privileges to root over the target device. This issue affects: Juniper Networks Junos OS All versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 ve... • https://kb.juniper.net/JSA11237 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0CVE-2021-31371 – Junos OS: QFX5000 Series: Traffic from the network internal to the device (128.0.0.0) may be forwarded to egress interfaces.
https://notcve.org/view.php?id=CVE-2021-31371
19 Oct 2021 — Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an QFX5000 Series switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet, leading to an information exposure vulnerability. This issue affects Juniper Networks Junos OS on QFX5110, QFX5120, QFX5200, QFX5210 Series, and QFX5100 with QFX 5e Series image installed: All versions prior to ... • https://kb.juniper.net/JSA11236 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 195EXPL: 0CVE-2021-31370 – Junos OS: QFX5000 Series and EX4600 Series: Control traffic might be dropped if a high rate of specific multicast traffic is received
https://notcve.org/view.php?id=CVE-2021-31370
19 Oct 2021 — An Incomplete List of Disallowed Inputs vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an adjacent unauthenticated attacker which sends a high rate of specific multicast traffic to cause control traffic received from the network to be dropped. This will impact control protocols (including but not limited to routing-protocols) and lead to a Denial of Service (DoS). Continued receipt of this specific multicast traffic will create a susta... • https://kb.juniper.net/JSA11232 • CWE-184: Incomplete List of Disallowed Inputs •
CVSS: 5.3EPSS: 0%CPEs: 176EXPL: 0CVE-2021-31369 – Junos OS: MX Series: Traffic drops will be observed if MS-MPC/MS-PIC resources are consumed by certain traffic causing a partial DoS
https://notcve.org/view.php?id=CVE-2021-31369
19 Oct 2021 — On MX Series platforms with MS-MPC/MS-MIC, an Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated network attacker to cause a partial Denial of Service (DoS) with a high rate of specific traffic. If a Class of Service (CoS) rule is attached to the service-set and a high rate of specific traffic is processed by this service-set, for some of the other traffic which has services applied and is being processed by this MS-MPC/MS-MIC drops will... • https://kb.juniper.net/JSA11231 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 170EXPL: 0CVE-2021-31368 – Junos OS: EX2300 Series, EX3400 Series, and ACX710 might become unresponsive if the out-of-band management port receives a flood of traffic
https://notcve.org/view.php?id=CVE-2021-31368
19 Oct 2021 — An Uncontrolled Resource Consumption vulnerability in the kernel of Juniper Networks JUNOS OS allows an unauthenticated network based attacker to cause 100% CPU load and the device to become unresponsive by sending a flood of traffic to the out-of-band management ethernet port. Continued receipted of a flood will create a sustained Denial of Service (DoS) condition. Once the flood subsides the system will recover by itself. An indication that the system is affected by this issue would be that kernel and net... • https://kb.juniper.net/JSA11230 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 115EXPL: 0CVE-2021-31367 – Junos OS: PTX Series: An FPC heap memory leak will be triggered by certain Flowspec route operations which can lead to an FPC crash
https://notcve.org/view.php?id=CVE-2021-31367
19 Oct 2021 — A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows an adjacent attacker to cause a Denial of Service (DoS) by sending genuine BGP flowspec packets which cause an FPC heap memory leak. Once having run out of memory the FPC will crash and restart along with a core dump. Continued receipted of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos ... • https://kb.juniper.net/JSA11229 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 283EXPL: 0CVE-2021-31366 – Junos OS: MX Series: In subscriber management / BBE configuration authd can crash if a subscriber with a specific username tries to login leading to a DoS
https://notcve.org/view.php?id=CVE-2021-31366
19 Oct 2021 — An Unchecked Return Value vulnerability in the authd (authentication daemon) of Juniper Networks Junos OS on MX Series configured for subscriber management / BBE allows an adjacent attacker to cause a crash by sending a specific username. This impacts authentication, authorization, and accounting (AAA) services on the MX devices and leads to a Denial of Service (DoS) condition. Continued receipted of these PPP login request will create a sustained Denial of Service (DoS) condition. This issue affects: Junip... • https://kb.juniper.net/JSA11228 • CWE-252: Unchecked Return Value •
CVSS: 6.5EPSS: 0%CPEs: 532EXPL: 0CVE-2021-31365 – Junos OS: EX2300, EX3400 and EX4300 Series: An Aggregated Ethernet (AE) interface will go down due to a stream of specific layer 2 frames
https://notcve.org/view.php?id=CVE-2021-31365
19 Oct 2021 — An Uncontrolled Resource Consumption vulnerability in Juniper Networks Junos OS on EX2300, EX3400 and EX4300 Series platforms allows an adjacent attacker sending a stream of layer 2 frames will trigger an Aggregated Ethernet (AE) interface to go down and thereby causing a Denial of Service (DoS). By continuously sending a stream of specific layer 2 frames an attacker will sustain the Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS EX4300 Series All versions prior to 15.1R7-S... • https://kb.juniper.net/JSA11227 • CWE-400: Uncontrolled Resource Consumption •