Page 14 of 80 results (0.007 seconds)

CVSS: 8.8EPSS: 0%CPEs: 102EXPL: 0

An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Management Protocol, the NETCONF Management Protocol, the gNMI interfaces, and the J-Web User Interfaces causes unintended effects such as demotion or elevation of privileges associated with an operators actions to occur. Multiple scenarios may occur; for example: privilege escalation over the device or another account, access to files that should not otherwise be accessible, files not being accessible where they should be accessible, code expected to run as non-root may run as root, and so forth. This issue affects: Juniper Networks Junos OS * All versions prior to 20.4R3-S7; * 21.1 versions prior to 21.1R3-S5; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S4; * 21.4 versions prior to 21.4R3-S3; * 22.1 versions prior to 22.1R3-S2; * 22.2 versions prior to 22.2R2-S2, 22.2R3; * 22.3 versions prior to 22.3R1-S2, 22.3R2. Juniper Networks Junos OS Evolved * All versions prior to 21.4R3-S3-EVO; * 22.1-EVO version 22.1R1-EVO and later versions prior to 22.2R2-S2-EVO, 22.2R3-EVO; * 22.3-EVO versions prior to 22.3R1-S2-EVO, 22.3R2-EVO. Una vulnerabilidad de valor de retorno no verificado en las interfaces de usuario de Juniper Networks Junos OS y Junos OS Evolved, el CLI, la API XML, el protocolo de administración XML, el protocolo de administración NETCONF, las interfaces gNMI y las interfaces de usuario J-Web provoca causas no deseadas. Se producirán efectos tales como degradación o elevación de privilegios asociados con las acciones de un operador. Pueden ocurrir múltiples escenarios; por ejemplo: escalada de privilegios sobre el dispositivo u otra cuenta, acceso a archivos que de otro modo no deberían ser accesibles, archivos que no son accesibles donde deberían serlo, código que se espera que se ejecute como no root puede ejecutarse como root, etc. Este problema afecta a: Juniper Networks Junos OS * Todas las versiones anteriores a 20.4R3-S7; * Versiones 21.1 anteriores a 21.1R3-S5; * Versiones 21.2 anteriores a 21.2R3-S5; * Versiones 21.3 anteriores a 21.3R3-S4; * Versiones 21.4 anteriores a 21.4R3-S3; * Versiones 22.1 anteriores a 22.1R3-S2; * Versiones 22.2 anteriores a 22.2R2-S2, 22.2R3; * Versiones 22.3 anteriores a 22.3R1-S2, 22.3R2. • https://supportportal.juniper.net/JSA73149 https://www.juniper.net/documentation/en_US/junos/topics/concept/junos-software-user-interfaces-overview.html https://www.juniper.net/documentation/us/en/software/junos/interfaces-telemetry/topics/concept/junos-telemetry-interface-grpc-sensors.html • CWE-252: Unchecked Return Value •

CVSS: 5.5EPSS: 0%CPEs: 151EXPL: 0

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS * All versions prior to 19.1R3-S10; * 19.2 versions prior to 19.2R3-S7; * 19.3 versions prior to 19.3R3-S8; * 19.4 versions prior to 19.4R3-S12; * 20.2 versions prior to 20.2R3-S8; * 20.4 versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R3-S1; * 22.4 versions prior to 22.4R2-S1; * 23.2 versions prior to 23.2R2. Una vulnerabilidad de desbordamiento de búfer en el comando CLI de Juniper Networks Junos OS permite a un atacante con pocos privilegios ejecutar comandos CLI específicos que conducen a una Denegación de Servicio. Las acciones repetidas del atacante crearán una condición sostenida de Denegación de Servicio (DoS). Este problema afecta a Juniper Networks: Junos OS * Todas las versiones anteriores a 19.1R3-S10; * Versiones 19.2 anteriores a 19.2R3-S7; * Versiones 19.3 anteriores a 19.3R3-S8; * Versiones 19.4 anteriores a 19.4R3-S12; * Versiones 20.2 anteriores a 20.2R3-S8; * Versiones 20.4 anteriores a 20.4R3-S8; * Versiones 21.2 anteriores a 21.2R3-S6; * Versiones 21.3 anteriores a 21.3R3-S5; * Versiones 21.4 anteriores a 21.4R3-S5; * Versiones 22.1 anteriores a 22.1R3-S3; * Versiones 22.2 anteriores a 22.2R3-S2; * Versiones 22.3 anteriores a 22.3R3-S1; * Versiones 22.4 anteriores a 22.4R2-S1; * Versiones 23.2 anteriores a 23.2R2. • https://supportportal.juniper.net/JSA73140 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 150EXPL: 0

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.3 versions prior to 22.3R3; * 22.4 versions prior to 22.4R3. Una vulnerabilidad de desbordamiento de búfer en el comando CLI de Juniper Networks Junos OS permite a un atacante con pocos privilegios ejecutar comandos CLI específicos que conducen a una Denegación de Servicio. Las acciones repetidas del atacante crearán una condición sostenida de Denegación de Servicio (DoS). Este problema afecta a Juniper Networks: Junos OS: * Todas las versiones anteriores a 20.4R3-S8; * Versiones 21.2 anteriores a 21.2R3-S6; * Versiones 21.3 anteriores a 21.3R3-S5; * Versiones 22.1 anteriores a 22.1R3-S3; * Versiones 22.3 anteriores a 22.3R3; * Versiones 22.4 anteriores a 22.4R3. • https://supportportal.juniper.net/JSA73140 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 151EXPL: 0

A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions prior to 19.1R3-S10; * 19.2 versions prior to 19.2R3-S7; * 19.3 versions prior to 19.3R3-S8; * 19.4 versions prior to 19.4R3-S12; * 20.2 versions prior to 20.2R3-S8; * 20.4 versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S1; * 22.3 versions prior to 22.3R3; * 22.4 versions prior to 22.4R2. Junos OS Evolved: * All versions prior to 20.4R3-S8-EVO; * 21.2 versions prior to 21.2R3-S6-EVO; * 21.3 versions prior to 21.3R3-S5-EVO; * 21.4 versions prior to 21.4R3-S4-EVO; * 22.1 versions prior to 22.1R3-S3-EVO; * 22.2 versions prior to 22.2R3-S1-EVO; * 22.3 versions prior to 22.3R3-EVO; * 22.4 versions prior to 22.4R2-EVO. Una vulnerabilidad de desbordamiento de búfer en el comando CLI de Juniper Networks Junos y Junos EVO permite a un atacante con pocos privilegios ejecutar comandos CLI específicos que conducen a una Denegación de Servicio. Las acciones repetidas del atacante crearán una condición sostenida de Denegación de Servicio (DoS). Este problema afecta a Juniper Networks: Junos OS: * Todas las versiones anteriores a 19.1R3-S10; * Versiones 19.2 anteriores a 19.2R3-S7; * Versiones 19.3 anteriores a 19.3R3-S8; * Versiones 19.4 anteriores a 19.4R3-S12; * Versiones 20.2 anteriores a 20.2R3-S8; * Versiones 20.4 anteriores a 20.4R3-S8; * Versiones 21.2 anteriores a 21.2R3-S6; * Versiones 21.3 anteriores a 21.3R3-S5; * Versiones 21.4 anteriores a 21.4R3-S4; * Versiones 22.1 anteriores a 22.1R3-S3; * Versiones 22.2 anteriores a 22.2R3-S1; * Versiones 22.3 anteriores a 22.3R3; * Versiones 22.4 anteriores a 22.4R2. Junos OS Evolved: * Todas las versiones anteriores a 20.4R3-S8-EVO; * Versiones 21.2 anteriores a 21.2R3-S6-EVO; * Versiones 21.3 anteriores a 21.3R3-S5-EVO; * Versiones 21.4 anteriores a 21.4R3-S4-EVO; * Versiones 22.1 anteriores a 22.1R3-S3-EVO; * Versiones 22.2 anteriores a 22.2R3-S1-EVO; * Versiones 22.3 anteriores a 22.3R3-EVO; * Versiones 22.4 anteriores a 22.4R2-EVO. • https://supportportal.juniper.net/JSA73140 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 0%CPEs: 85EXPL: 0

A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Note: This issue is not noticed when all the devices in the network are Juniper devices. This issue affects Juniper Networks: Junos OS: * All versions prior to 20.4R3-S7; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S4; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3; * 22.3 versions prior to 22.3R3; * 22.4 versions prior to 22.4R3. Junos OS Evolved: * All versions prior to 22.3R3-EVO; * 22.4-EVO versions prior to 22.4R3-EVO; * 23.2-EVO versions prior to 23.2R1-EVO. Una vulnerabilidad de aserción accesible en Routing Protocol Daemon (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite enviar paquetes PIM genuinos específicos al dispositivo, lo que provoca que rpd falle y provoque una Denegación de Servicio (DoS). La recepción y procesamiento continuo de este paquete creará una condición sostenida de Denegación de Servicio (DoS). Nota: Este problema no se detecta cuando todos los dispositivos de la red son dispositivos Juniper. Este problema afecta a Juniper Networks: Junos OS: * Todas las versiones anteriores a 20.4R3-S7; * Versiones 21.2 anteriores a 21.2R3-S5; * Versiones 21.3 anteriores a 21.3R3-S4; * Versiones 21.4 anteriores a 21.4R3-S4; * Versiones 22.1 anteriores a 22.1R3-S4; * Versiones 22.2 anteriores a 22.2R3; * Versiones 22.3 anteriores a 22.3R3; * Versiones 22.4 anteriores a 22.4R3. • https://supportportal.juniper.net/JSA73141 • CWE-617: Reachable Assertion •