CVSS: 7.8EPSS: 0%CPEs: 71EXPL: 0CVE-2023-44199 – Junos OS: MX Series: In a PTP scenario a prolonged routing protocol churn can trigger an FPC reboot
https://notcve.org/view.php?id=CVE-2023-44199
12 Oct 2023 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On Junos MX Series platforms with Precision Time Protocol (PTP) configured, a prolonged routing protocol churn can lead to an FPC crash and restart. This issue affects Juniper Networks Junos OS on MX Series: * All versions prior to 20.4R3-S4; * 21.1 version 21.1R1 and later ve... • https://supportportal.juniper.net/JSA73165 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 98EXPL: 0CVE-2023-44198 – Junos OS: SRX Series and MX Series: SIP ALG doesn't drop specifically malformed retransmitted SIP packets
https://notcve.org/view.php?id=CVE-2023-44198
12 Oct 2023 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated network-based attacker to cause an integrity impact in connected networks. If the SIP ALG is configured and a device receives a specifically malformed SIP packet, the device prevents this packet from being forwarded, but any subsequently received retransmissions of the same packet are forwarded as if they were valid. This issue affects Junipe... • https://supportportal.juniper.net/JSA73164 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 110EXPL: 0CVE-2023-44197 – Junos OS and Junos OS Evolved: An rpd crash may occur when BGP is processing newly learned routes
https://notcve.org/view.php?id=CVE-2023-44197
12 Oct 2023 — An Out-of-Bounds Write vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved devices an rpd crash and restart can occur while processing BGP route updates received over an established BGP session. This specific issue is observed for BGP routes learned via a peer which is configured with a BGP import policy that has hundreds of terms matchin... • https://supportportal.juniper.net/JSA73163 • CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 50EXPL: 0CVE-2023-44194 – Junos OS: An unauthenticated attacker with local access to the device can create a backdoor with root privileges
https://notcve.org/view.php?id=CVE-2023-44194
12 Oct 2023 — An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS allows an unauthenticated attacker with local access to the device to create a backdoor with root privileges. The issue is caused by improper directory permissions on a certain system directory, allowing an attacker with access to this directory to create a backdoor with root privileges. This issue affects Juniper Networks Junos OS: * All versions prior to 20.4R3-S5; * 21.1 versions prior to 21.1R3-S4; * 21.2 versions prior to 21.2R... • https://supportportal.juniper.net/JSA73158 • CWE-276: Incorrect Default Permissions •
CVSS: 5.5EPSS: 0%CPEs: 81EXPL: 0CVE-2023-44193 – Junos OS: MX Series: An FPC crash is observed when CFM is enabled in a VPLS scenario and a specific LDP related command is run
https://notcve.org/view.php?id=CVE-2023-44193
12 Oct 2023 — An Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a local, low privileged attacker to cause an FPC crash, leading to Denial of Service (DoS). On all Junos MX Series with MPC1 - MPC9, LC480, LC2101, MX10003, and MX80, when Connectivity-Fault-Management (CFM) is enabled in a VPLS scenario, and a specific LDP related command is run, an FPC will crash and reboot. Continued execution of this specific LDP command can le... • https://supportportal.juniper.net/JSA73157 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 86EXPL: 0CVE-2023-44192 – Junos OS: QFX5000 Series: DMA memory leak is observed when specific DHCP packets are transmitted over pseudo-VTEP
https://notcve.org/view.php?id=CVE-2023-44192
12 Oct 2023 — An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause memory leak, leading to Denial of Service (DoS). On all Junos OS QFX5000 Series platforms, when pseudo-VTEP (Virtual Tunnel End Point) is configured under EVPN-VXLAN scenario, and specific DHCP packets are transmitted, DMA memory leak is observed. Continuous receipt of these specific DHCP packets will cause memory leak to reach 99% and then cause ... • https://supportportal.juniper.net/JSA73156 • CWE-20: Improper Input Validation CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 129EXPL: 0CVE-2023-44185 – Junos OS and Junos OS Evolved: In an BGP scenario RPD crashes upon receiving and processing a specific malformed ISO VPN BGP UPDATE packet
https://notcve.org/view.php?id=CVE-2023-44185
12 Oct 2023 — An Improper Input Validation vulnerability in the routing protocol daemon (rpd) of Juniper Networks allows an attacker to cause a Denial of Service (DoS )to the device upon receiving and processing a specific malformed ISO VPN BGP UPDATE packet. Continued receipt of this packet will cause a sustained Denial of Service condition. This issue affects: * Juniper Networks Junos OS: * All versions prior to 20.4R3-S6; * 21.1 versions prior to 21.1R3-S5; * 21.2 versions prior to 21.2R3-S4; * 21.3 versions prior to ... • https://supportportal.juniper.net/JSA73146 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 109EXPL: 0CVE-2023-44184 – Junos OS and Junos OS Evolved: High CPU load due to specific NETCONF command
https://notcve.org/view.php?id=CVE-2023-44184
12 Oct 2023 — An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated low-privileged attacker, by executing a specific command via NETCONF, to cause a CPU Denial of Service to the device's control plane. This issue affects: Juniper Networks Junos OS * All versions prior to 20.4R3-S7; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S5; * 21.4 ver... • https://supportportal.juniper.net/JSA73147 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 250EXPL: 0CVE-2023-44183 – Junos OS: QFX5000 Series, EX4600 Series: In a VxLAN scenario an adjacent attacker within the VxLAN sending genuine packets may cause a DMA memory leak to occur.
https://notcve.org/view.php?id=CVE-2023-44183
12 Oct 2023 — An Improper Input Validation vulnerability in the VxLAN packet forwarding engine (PFE) of Juniper Networks Junos OS on QFX5000 Series, EX4600 Series devices allows an unauthenticated, adjacent attacker, sending two or more genuine packets in the same VxLAN topology to possibly cause a DMA memory leak to occur under various specific operational conditions. The scenario described here is the worst-case scenario. There are other scenarios that require operator action to occur. An indicator of compromise may be... • https://supportportal.juniper.net/JSA73148 • CWE-20: Improper Input Validation CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.0EPSS: 0%CPEs: 102EXPL: 0CVE-2023-44182 – Junos OS and Junos OS Evolved: An Unchecked Return Value in multiple users interfaces affects confidentiality and integrity of device operations
https://notcve.org/view.php?id=CVE-2023-44182
12 Oct 2023 — An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Management Protocol, the NETCONF Management Protocol, the gNMI interfaces, and the J-Web User Interfaces causes unintended effects such as demotion or elevation of privileges associated with an operators actions to occur. Multiple scenarios may occur; for example: privilege escalation over the device or another account, access to files that should not otherwise ... • https://supportportal.juniper.net/JSA73149 • CWE-252: Unchecked Return Value •