Page 15 of 163 results (0.003 seconds)

CVSS: 5.5EPSS: 0%CPEs: 184EXPL: 0

An Improper Preservation of Consistency Between Independent Representations of Shared State vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). If the device is very busy for example while executing a series of show commands on the CLI one or more SFPs might not be detected anymore. The system then changes its state to "unplugged" which is leading to traffic impact and at least a partial DoS. Once the system is less busy the port states return to their actual value. Indicators of compromise are log messages about unplugged SFPs and corresponding syspld messages without any physical or environmental cause. • https://kb.juniper.net/JSA69890 • CWE-1250: Improper Preservation of Consistency Between Independent Representations of Shared State •

CVSS: 6.5EPSS: 0%CPEs: 125EXPL: 0

An Improper Check or Handling of Exceptional Conditions vulnerability in the processing of a malformed OSPF TLV in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause the periodic packet management daemon (PPMD) process to go into an infinite loop, which in turn can cause protocols and functions reliant on PPMD such as OSPF neighbor reachability to be impacted, resulting in a sustained Denial of Service (DoS) condition. The DoS condition persists until the PPMD process is manually restarted. This issue affects: Juniper Networks Junos OS: All versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R3-S5; 19.3 versions prior to 19.3R3-S3; 19.4 versions prior to 19.4R3-S9; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S3-EVO; 21.1 versions prior to 21.1R2-EVO. Una vulnerabilidad de comprobación o administración inapropiada de condiciones excepcionales en el procesamiento de un TLV OSPF malformado en Juniper Networks Junos OS y Junos OS Evolved permite a un atacante adyacente no autenticado causar que el proceso del demonio de administración de paquetes periódicos (PPMD) entre en un bucle infinito, lo que a su vez puede causar que los protocolos y las funciones que dependen de PPMD, como la accesibilidad de los vecinos de OSPF, estén afectados, resultando en una condición de Denegación de Servicio (DoS) sostenida. • https://kb.juniper.net/JSA69874 • CWE-703: Improper Check or Handling of Exceptional Conditions •

CVSS: 7.5EPSS: 0%CPEs: 225EXPL: 1

On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping (PHP) nodes with link aggregation group (LAG) interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packets to cause multiple interfaces in the LAG to detach causing a Denial of Service (DoS) condition. Continued receipt and processing of these packets will sustain the Denial of Service. This issue affects IPv4 and IPv6 packets. Packets of either type can cause and sustain the DoS event. These packets can be destined to the device or be transit packets. • https://kb.juniper.net/JSA69873 • CWE-20: Improper Input Validation CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •

CVSS: 5.9EPSS: 0%CPEs: 92EXPL: 0

A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS, Junos OS Evolved allows a network-based unauthenticated attacker to cause a Denial of Service (DoS). When a BGP flow route with redirect IP extended community is received, and the reachability to the next-hop of the corresponding redirect IP is flapping, the rpd process might crash. Whether the crash occurs depends on the timing of the internally processing of these two events and is outside the attackers control. Please note that this issue also affects Route-Reflectors unless 'routing-options flow firewall-install-disable' is configured. This issue affects: Juniper Networks Junos OS: 18.4 versions prior to 18.4R2-S10, 18.4R3-S10; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.4 versions prior to 19.4R3-S8; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. • https://kb.juniper.net/JSA69902 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 7.5EPSS: 0%CPEs: 164EXPL: 0

On SRX Series devices, an Improper Check for Unusual or Exceptional Conditions when using Certificate Management Protocol Version 2 (CMPv2) auto re-enrollment, allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS) by crashing the pkid process. The pkid process cannot handle an unexpected response from the Certificate Authority (CA) server, leading to crash. A restart is required to restore services. This issue affects: Juniper Networks Junos OS on SRX Series: All versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R3-S9; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2. En los dispositivos de la serie SRX, una comprobación inadecuada de condiciones inusuales o excepcionales cuando se utiliza la reinscripción automática del Protocolo de gestión de certificados versión 2 (CMPv2), permite que un atacante no autenticado basado en la red provoque una denegación de servicio (DoS) al bloquear el proceso pkid. • https://kb.juniper.net/JSA69901 • CWE-754: Improper Check for Unusual or Exceptional Conditions •