CVSS: 7.5EPSS: 0%CPEs: 181EXPL: 0CVE-2022-22185 – Junos OS: SRX Series: Denial of service vulnerability in flowd daemon upon receipt of a specific fragmented packet
https://notcve.org/view.php?id=CVE-2022-22185
14 Apr 2022 — A vulnerability in Juniper Networks Junos OS on SRX Series, allows a network-based unauthenticated attacker to cause a Denial of Service (DoS) by sending a specific fragmented packet to the device, resulting in a flowd process crash, which is responsible for packet forwarding. Continued receipt and processing of this specific packet will create a sustained DoS condition. This issue only affects SRX Series when 'preserve-incoming-fragment-size' feature is enabled. This issue affects Juniper Networks Junos OS... • https://kb.juniper.net/JSA69493 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2022-22183 – Junos OS Evolved: A remote attacker may cause a CPU Denial of Service by sending genuine traffic to a device on a specific IPv4 port.
https://notcve.org/view.php?id=CVE-2022-22183
14 Apr 2022 — An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Ju... • https://kb.juniper.net/JSA69516 • CWE-16: Configuration CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 213EXPL: 0CVE-2022-22182 – Junos OS: A XSS vulnerability allows an attacker to execute commands on a target J-Web session
https://notcve.org/view.php?id=CVE-2022-22182
14 Apr 2022 — A Cross-site Scripting (XSS) vulnerability in Juniper Networks Junos OS J-Web allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's permissions, including an administrator. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S10, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S6; 19.2 versions prior ... • https://kb.juniper.net/JSA69519 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.0EPSS: 0%CPEs: 142EXPL: 0CVE-2022-22181 – Junos OS: J-Web can be compromised through reflected XSS attacks
https://notcve.org/view.php?id=CVE-2022-22181
14 Apr 2022 — A reflected Cross-site Scripting (XSS) vulnerability in J-Web of Juniper Networks Junos OS allows a network-based authenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web. This may allow the attacker to gain control of the device or attack other authenticated user sessions. This issue affects: Juniper Networks Junos OS All versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versi... • https://kb.juniper.net/JSA69517 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 166EXPL: 0CVE-2021-25220 – DNS forwarders - cache poisoning vulnerability
https://notcve.org/view.php?id=CVE-2021-25220
17 Mar 2022 — BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. BIND versiones 9.11... • https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 0%CPEs: 138EXPL: 0CVE-2022-22180 – Junos OS: EX2300 Series, EX2300-MP Series, EX3400 Series: A slow memory leak due to processing of specific IPv6 packets
https://notcve.org/view.php?id=CVE-2022-22180
19 Jan 2022 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the processing of specific IPv6 packets on certain EX Series devices may lead to exhaustion of DMA memory causing a Denial of Service (DoS). Over time, exploitation of this vulnerability may cause traffic to stop being forwarded, or a crash of the fxpc process. An indication of the issue occurring may be observed through the following log messages: Sep 13 17:14:59 hostname : %PFE-3: fpc0 (buf alloc) failed allocating packet buffer Sep ... • https://kb.juniper.net/JSA11286 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.5EPSS: 0%CPEs: 222EXPL: 0CVE-2022-22179 – Junos OS: jdhcpd crashes upon receiving a specific DHCP packet
https://notcve.org/view.php?id=CVE-2022-22179
19 Jan 2022 — A Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial of Service (DoS). In a scenario where DHCP relay or local server is configured the problem can be triggered if a DHCPv4 packet with specific options is received leading to a corruption of the options read from the packet. This corruption can then lead to jdhcpd crash an... • https://kb.juniper.net/JSA11285 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 57EXPL: 0CVE-2022-22178 – Junos OS: MX and SRX series: Flowd core observed if the SIP ALG is enabled and a specific Session Initiation Protocol (SIP) packet is received
https://notcve.org/view.php?id=CVE-2022-22178
19 Jan 2022 — A Stack-based Buffer Overflow vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on MX Series and SRX series allows an unauthenticated networked attacker to cause a flowd crash and thereby a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. This issue can be triggered by a specific Session Initiation Protocol (SIP) invite packet if the SIP ALG is enabled. Due to this, the PIC will be rebooted and all traffic... • https://kb.juniper.net/JSA11284 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 236EXPL: 0CVE-2022-22177 – Junos OS and Junos OS Evolved: After receiving a specific number of crafted packets snmpd will segmentation fault (SIGSEGV) requiring a manual restart.
https://notcve.org/view.php?id=CVE-2022-22177
19 Jan 2022 — A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daemon causing a sustained Denial of Service (DoS) to the service until it is manually restarted. This issue impacts any version of SNMP – v1,v2, v3 This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S20; 15.1 versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior ... • https://kb.juniper.net/JSA11283 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.4EPSS: 0%CPEs: 320EXPL: 0CVE-2022-22176 – Junos OS: In a scenario with dhcp-security and option-82 configured jdhcpd crashes upon receipt of a malformed DHCP packet
https://notcve.org/view.php?id=CVE-2022-22176
19 Jan 2022 — An Improper Validation of Syntactic Correctness of Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker sending a malformed DHCP packet to cause a crash of jdhcpd and thereby a Denial of Service (DoS). If option-82 is configured in a DHCP snooping / -security scenario, jdhcpd crashes if a specific malformed DHCP request packet is received. The DHCP functionality is impacted while jdhcpd restarts, and continued exploitation of the vu... • https://kb.juniper.net/JSA11282 • CWE-20: Improper Input Validation CWE-1286: Improper Validation of Syntactic Correctness of Input •