CVE-2023-22407 – Junos OS and Junos OS Evolved: An RPD crash can happen due to an MPLS TE tunnel configuration change on a directly connected router
https://notcve.org/view.php?id=CVE-2023-22407
An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). An rpd crash can occur when an MPLS TE tunnel configuration change occurs on a directly connected router. This issue affects: Juniper Networks Junos OS All versions prior to 18.4R2-S7; 19.1 versions prior to 19.1R3-S2; 19.2 versions prior to 19.2R3; 19.3 versions prior to 19.3R3; 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2. Juniper Networks Junos OS Evolved All versions prior to 19.2R3-EVO; 19.3 versions prior to 19.3R3-EVO; 19.4 versions prior to 19.4R3-EVO; 20.1 versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R2-EVO. Una vulnerabilidad de limpieza incompleta en el Routing Protocol Daemon (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante adyacente no autenticado provoque una denegación de servicio (DoS). • https://kb.juniper.net/JSA70203 • CWE-459: Incomplete Cleanup •
CVE-2023-22398 – Junos OS and Junos OS Evolved: RPD might crash when MPLS ping is performed on BGP LSPs
https://notcve.org/view.php?id=CVE-2023-22398
An Access of Uninitialized Pointer vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). When an MPLS ping is performed on BGP LSPs, the RPD might crash. Repeated execution of this operation will lead to a sustained DoS. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S12; 19.1 versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R1-S9, 19.2R3-S5; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R2-S7, 19.4R3-S8; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R1-S1, 21.1R2; Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R2-EVO. Una vulnerabilidad de acceso de puntero no inicializado en el demonio de protocolo de enrutamiento (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante autenticado localmente con privilegios bajos provoque una denegación de servicio (DoS). • https://kb.juniper.net/JSA70181 • CWE-824: Access of Uninitialized Pointer •
CVE-2022-22250 – Junos OS and Junos OS Evolved: An FPC crash might be seen due to an EVPN MAC entry moving from local to remote
https://notcve.org/view.php?id=CVE-2022-22250
An Improper Control of a Resource Through its Lifetime vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows unauthenticated adjacent attacker to cause a Denial of Service (DoS). In an EVPN-MPLS scenario, if MAC is learned locally on an access interface but later a request to delete is received indicating that the MAC was learnt remotely, this can lead to memory corruption which can result in line card crash and reload. This issue affects: Juniper Networks Junos OS All versions 17.3R1 and later versions prior to 19.2R3-S5; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S8; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S3; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R1-S1, 21.4R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S3-EVO; 21.1-EVO version 21.1R1-EVO and later versions; 21.2-EVO versions prior to 21.2R3-EVO; 21.3-EVO versions prior to 21.3R2-EVO; 21.4-EVO versions prior to 21.4R1-S1-EVO, 21.4R2-EVO. This issue does not affect Juniper Networks Junos OS versions prior to 17.3R1. • https://kb.juniper.net/JSA69907 • CWE-664: Improper Control of a Resource Through its Lifetime •
CVE-2022-22248 – Junos OS Evolved: Incorrect file permissions can allow low-privileged user to cause another user to execute arbitrary commands
https://notcve.org/view.php?id=CVE-2022-22248
An Incorrect Permission Assignment vulnerability in shell processing of Juniper Networks Junos OS Evolved allows a low-privileged local user to modify the contents of a configuration file which could cause another user to execute arbitrary commands within the context of the follow-on user's session. If the follow-on user is a high-privileged administrator, the attacker could leverage this vulnerability to take complete control of the target system. While this issue is triggered by a user, other than the attacker, accessing the Junos shell, an attacker simply requires Junos CLI access to exploit this vulnerability. This issue affects Juniper Networks Junos OS Evolved: 20.4-EVO versions prior to 20.4R3-S1-EVO; All versions of 21.1-EVO; 21.2-EVO versions prior to 21.2R3-EVO; 21.3-EVO versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 19.2R1-EVO. • https://kb.juniper.net/JSA69905 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2022-22247 – Junos OS Evolved: Kernel processing of unvalidated TCP segments could lead to a Denial of Service (DoS)
https://notcve.org/view.php?id=CVE-2022-22247
An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this TCP segment could create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS Evolved: 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO; 22.1 versions prior to 22.1R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 21.3R1-EVO. Una vulnerabilidad de Comprobación de Entrada Inapropiada en el procesamiento de segmentos TCP de entrada de Juniper Networks Junos OS Evolved permite a un atacante no autenticado basado en la red enviar un segmento TCP diseñado al dispositivo, desencadenando un pánico del núcleo, conllevando a una condición de Denegación de Servicio (DoS). • https://kb.juniper.net/JSA69904 • CWE-20: Improper Input Validation •