CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2024-21602 – Junos OS Evolved: ACX7024, ACX7100-32C and ACX7100-48L: Traffic stops when a specific IPv4 UDP packet is received by the RE
https://notcve.org/view.php?id=CVE-2024-21602
12 Jan 2024 — A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). If a specific IPv4 UDP packet is received and sent to the Routing Engine (RE) packetio crashes and restarts which causes a momentary traffic interruption. Continued receipt of such packets will lead to a sustained DoS. This issue does not happen with IPv6 packets. This issue affects Juniper Networks Junos O... • https://supportportal.juniper.net/JSA75743 • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: 64EXPL: 0CVE-2024-21601 – Junos OS: SRX Series: Due to an error in processing TCP events flowd will crash
https://notcve.org/view.php?id=CVE-2024-21601
12 Jan 2024 — A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in the Flow-processing Daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (Dos). On SRX Series devices when two different threads try to simultaneously process a queue which is used for TCP events flowd will crash. One of these threads can not be triggered externally, so the exploitation of this race condition is out... • https://supportportal.juniper.net/JSA75742 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 55EXPL: 0CVE-2024-21597 – Junos OS: MX Series: In an AF scenario traffic can bypass configured lo0 firewall filters
https://notcve.org/view.php?id=CVE-2024-21597
12 Jan 2024 — An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric (AF) scenario if routing-instances (RI) are configured, specific valid traffic destined to the device can bypass the configured lo0 firewall filters as it's received in the wrong RI context. This issue affects Juniper Networks Junos OS on MX Series: * All vers... • https://supportportal.juniper.net/JSA75738 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.3EPSS: 0%CPEs: 152EXPL: 0CVE-2024-21596 – Junos OS and Junos OS Evolved: A specific BGP UPDATE message will cause a crash in the backup Routing Engine in NSR-enabled devices
https://notcve.org/view.php?id=CVE-2024-21596
12 Jan 2024 — A Heap-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). If an attacker sends a specific BGP UPDATE message to the device, this will cause a memory overwrite and therefore an RPD crash and restart in the backup Routing Engine (RE). Continued receipt of these packets will cause a sustained Denial of Service (DoS) condition in the backup RE. The primary... • https://supportportal.juniper.net/JSA75735 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 37EXPL: 0CVE-2024-21595 – Junos OS: EX4100, EX4400, EX4600, QFX5000 Series: A high rate of specific ICMP traffic will cause the PFE to hang
https://notcve.org/view.php?id=CVE-2024-21595
12 Jan 2024 — An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). If an attacker sends high rate of specific ICMP traffic to a device with VXLAN configured, this causes a deadlock of the PFE and results in the device becoming unresponsive. A manual restart will be required to recover the device. This issue only affects EX4100, EX4400, EX4600, QFX5000 Se... • https://advisory.juniper.net/JSA75734 • CWE-1286: Improper Validation of Syntactic Correctness of Input •
CVSS: 5.5EPSS: 0%CPEs: 74EXPL: 0CVE-2024-21594 – Junos OS: SRX 5000 Series: Repeated execution of a specific CLI command causes a flowd crash
https://notcve.org/view.php?id=CVE-2024-21594
12 Jan 2024 — A Heap-based Buffer Overflow vulnerability in the Network Services Daemon (NSD) of Juniper Networks Junos OS allows authenticated, low privileged, local attacker to cause a Denial of Service (DoS). On an SRX 5000 Series device, when executing a specific command repeatedly, memory is corrupted, which leads to a Flow Processing Daemon (flowd) crash. The NSD process has to be restarted to restore services. If this issue occurs, it can be checked with the following command: user@host> request security policies ... • https://supportportal.juniper.net/JSA75733 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 6%CPEs: 91EXPL: 0CVE-2024-21591 – Junos OS: SRX Series and EX Series: Security Vulnerability in J-web allows a preAuth Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-21591
12 Jan 2024 — An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device. This issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory. This issue affects Juniper Networks Junos OS SRX Series and EX Series: * Junos OS versions earlier than 20.4R3-S9; * Junos OS 21.2 versions earlie... • https://curesec.com/blog/article/CVE-2024-21591_Juniper_Remote_Code_Exec.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 109EXPL: 0CVE-2024-21587 – Junos OS: MX Series: Memory leak in bbe-smgd process if BFD liveness detection for DHCP subscribers is enabled
https://notcve.org/view.php?id=CVE-2024-21587
12 Jan 2024 — An Improper Handling of Exceptional Conditions vulnerability in the broadband edge subscriber management daemon (bbe-smgd) of Juniper Networks Junos OS on MX Series allows an attacker directly connected to the vulnerable system who repeatedly flaps DHCP subscriber sessions to cause a slow memory leak, ultimately leading to a Denial of Service (DoS). Memory can only be recovered by manually restarting bbe-smgd. This issue only occurs if BFD liveness detection for DHCP subscribers is enabled. Systems without ... • https://supportportal.juniper.net/JSA75725 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.9EPSS: 0%CPEs: 148EXPL: 0CVE-2024-21585 – Junos OS and Junos OS Evolved: BGP session flaps on NSR-enabled devices can cause rpd crash
https://notcve.org/view.php?id=CVE-2024-21585
12 Jan 2024 — An Improper Handling of Exceptional Conditions vulnerability in BGP session processing of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker, using specific timing outside the attacker's control, to flap BGP sessions and cause the routing protocol daemon (rpd) process to crash and restart, leading to a Denial of Service (DoS) condition. Continued BGP session flapping will create a sustained Denial of Service (DoS) condition. This issue only affects routers config... • https://supportportal.juniper.net/JSA75723 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.5EPSS: 0%CPEs: 93EXPL: 0CVE-2023-36842 – Junos OS: jdhcpd will hang on receiving a specific DHCP packet
https://notcve.org/view.php?id=CVE-2023-36842
12 Jan 2024 — An Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper DHCP Daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause the jdhcpd to consume all the CPU cycles resulting in a Denial of Service (DoS). On Junos OS devices with forward-snooped-client configured, if an attacker sends a specific DHCP packet to a non-configured interface, this will cause an infinite loop. The DHCP process will have to be restarted to recover the service. This issue... • https://supportportal.juniper.net/JSA75730 • CWE-703: Improper Check or Handling of Exceptional Conditions CWE-755: Improper Handling of Exceptional Conditions •