Page 19 of 243 results (0.009 seconds)

CVSS: 7.5EPSS: 0%CPEs: 86EXPL: 0

An Uncontrolled Resource Consumption vulnerability in TCP processing on the Routing Engine (RE) of Juniper Networks Junos OS allows an unauthenticated network-based attacker to send crafted TCP packets destined to the device, resulting in an MBUF leak that ultimately leads to a Denial of Service (DoS). The system does not recover automatically and must be manually restarted to restore service. This issue occurs when crafted TCP packets are sent directly to a configured IPv4 or IPv6 interface on the device. Transit traffic will not trigger this issue. MBUF usage can be monitored through the use of the 'show system buffers' command. • https://kb.juniper.net/JSA70192 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.5EPSS: 0%CPEs: 81EXPL: 0

An Improper Preservation of Consistency Between Independent Representations of Shared State vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS) to device due to out of resources. When a device is configured with "service-provider/SP style" switching, and mac-limiting is configured on an Aggregated Ethernet (ae) interface, and then a PFE is restarted or the device is rebooted, mac-limiting doesn't work anymore. Please note that the issue might not be apparent as traffic will continue to flow through the device although the mac table and respective logs will indicate that mac limit is reached. Functionality can be restored by removing and re-adding the MAC limit configuration. This issue affects Juniper Networks Junos OS on QFX5k Series, EX46xx Series: All versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S3; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3 on; 21.4 versions prior to 21.4R3 on; 22.1 versions prior to 22.1R2 on. • https://kb.juniper.net/JSA70201 • CWE-1250: Improper Preservation of Consistency Between Independent Representations of Shared State •

CVSS: 5.5EPSS: 0%CPEs: 193EXPL: 0

An Access of Uninitialized Pointer vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). When an MPLS ping is performed on BGP LSPs, the RPD might crash. Repeated execution of this operation will lead to a sustained DoS. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S12; 19.1 versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R1-S9, 19.2R3-S5; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R2-S7, 19.4R3-S8; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R1-S1, 21.1R2; Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R2-EVO. Una vulnerabilidad de acceso de puntero no inicializado en el demonio de protocolo de enrutamiento (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante autenticado localmente con privilegios bajos provoque una denegación de servicio (DoS). • https://kb.juniper.net/JSA70181 • CWE-824: Access of Uninitialized Pointer •

CVSS: 7.5EPSS: 0%CPEs: 142EXPL: 0

An Out-of-Bounds Write vulnerability in Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On SRX Series devices using Unified Policies with IPv6, when a specific IPv6 packet goes through a dynamic-application filter which will generate an ICMP deny message, the flowd core is observed and the PFE is restarted. This issue affects: Juniper Networks Junos OS on SRX Series: 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R3-S9; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3-S3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2. Una vulnerabilidad de escritura fuera de los límites en el Flow Processing Daemon (flowd) de Juniper Networks Junos OS permite que un atacante no autenticado basado en la red provoque una denegación de servicio (DoS). En los dispositivos de la serie SRX que utilizan políticas unificadas con IPv6, cuando un paquete IPv6 específico pasa por un filtro de aplicación dinámica que generará un mensaje de denegación de ICMP, se observa el núcleo fluido y se reinicia el PFE. • https://kb.juniper.net/JSA70207 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format in Juniper Networks Junos OS allows a local, low-privileged attacker to elevate their permissions to take control of any instance of a cSRX software deployment. This issue affects Juniper Networks Junos OS 20.2 version 20.2R1 and later versions prior to 21.2R1 on cSRX Series. En los dispositivos cSRX Series, los problemas de permisos de software en el sistema de archivos del contenedor y los archivos almacenados, combinados con el almacenamiento de contraseñas en un formato recuperable en Junos OS de Juniper Networks, permiten a un atacante local poco privilegiado elevar sus permisos para tomar el control de cualquier instancia de una implementación de software cSRX. Este problema afecta a Juniper Networks Junos OS 20.2 versión 20.2R1 y versiones posteriores anteriores a 21.2R1 en cSRX Series • https://kb.juniper.net/JSA69908 • CWE-257: Storing Passwords in a Recoverable Format CWE-275: Permission Issues CWE-522: Insufficiently Protected Credentials •