CVSS: 7.8EPSS: 0%CPEs: 170EXPL: 0CVE-2023-28976 – Junos OS: MX Series: If a specific traffic rate goes above the DDoS threshold it will lead to an FPC crash
https://notcve.org/view.php?id=CVE-2023-28976
17 Apr 2023 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). If specific traffic is received on MX Series and its rate exceeds the respective DDoS protection limit the ingress PFE will crash and restart. Continued receipt of this traffic will create a sustained DoS condition. This issue affects Juniper Networks Junos OS on MX Series: A... • https://supportportal.juniper.net/JSA70601 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 5.5EPSS: 0%CPEs: 167EXPL: 0CVE-2023-22409 – Junos OS: SRX Series, MX Series with SPC3: When an inconsistent NAT configuration exists and a specific CLI command is issued the SPC will reboot
https://notcve.org/view.php?id=CVE-2023-22409
12 Jan 2023 — An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service (DoS). When an inconsistent "deterministic NAT" configuration is present on an SRX, or MX with SPC3 and then a specific CLI command is issued the SPC will crash and restart. Repeated execution of this command will lead to a sustained DoS. Such a configuration is characterized by the total number of port blocks being greater t... • https://kb.juniper.net/JSA70205 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 6.8EPSS: 0%CPEs: 154EXPL: 0CVE-2023-22404 – Junos OS: SRX Series and MX Series with SPC3: When IPsec VPN is configured iked will core when a specifically formatted payload is received
https://notcve.org/view.php?id=CVE-2023-22404
12 Jan 2023 — An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon (iked) of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to cause a Denial of Service (DoS). iked will crash and restart, and the tunnel will not come up when a peer sends a specifically formatted payload during the negotiation. This will impact other IKE negotiations happening at the same time. Continued receipt of this specifically formatted payload will lead to conti... • https://kb.juniper.net/JSA70200 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 90EXPL: 0CVE-2023-22412 – Junos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash if the SIP ALG is enabled and specific SIP messages are processed
https://notcve.org/view.php?id=CVE-2023-22412
12 Jan 2023 — An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC or MS-MIC card and SRX Series allows an unauthenticated, network-based attacker to cause a flow processing daemon (flowd) crash and thereby a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. This issue occurs when SIP ALG is enabled and specific SIP messages are processed simultaneously. This issue affects: Juniper Networks Junos OS on... • https://kb.juniper.net/JSA70208 • CWE-667: Improper Locking •
CVSS: 7.5EPSS: 0%CPEs: 45EXPL: 1CVE-2023-22410 – Junos OS: MX Series with MPC10/MPC11: When Suspicious Control Flow Detection (scfd) is enabled and an attacker is sending specific traffic, this causes a memory leak.
https://notcve.org/view.php?id=CVE-2023-22410
12 Jan 2023 — A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Networks Junos OS on MX Series platforms with MPC10/MPC11 line cards, allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). Devices are only vulnerable when the Suspicious Control Flow Detection (scfd) feature is enabled. Upon enabling this specific feature, an attacker sending specific traffic is causing memory to be allocated dynamically and it is not freed. Memory is not freed even after deactivati... • https://kb.juniper.net/JSA70206 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 94EXPL: 0CVE-2023-22416 – Junos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash if SIP ALG is enabled and a malformed SIP packet is received
https://notcve.org/view.php?id=CVE-2023-22416
12 Jan 2023 — A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On all MX Series and SRX Series platform with SIP ALG enabled, when a malformed SIP packet is received, the flow processing daemon (flowd) will crash and restart. This issue affects: Juniper Networks Junos OS on MX Series and SRX Series 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S2; 21.3 versions pr... • https://kb.juniper.net/JSA70212 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 172EXPL: 0CVE-2023-22394 – Junos OS: SRX Series and MX Series: Memory leak due to receipt of specially crafted SIP calls
https://notcve.org/view.php?id=CVE-2023-22394
12 Jan 2023 — An Improper Handling of Unexpected Data Type vulnerability in the handling of SIP calls in Juniper Networks Junos OS on SRX Series and MX Series platforms allows an attacker to cause a memory leak leading to Denial of Services (DoS). This issue occurs on all MX Series platforms with MS-MPC or MS-MIC card and all SRX Series platforms where SIP ALG is enabled. Successful exploitation of this vulnerability prevents additional SIP calls and applications from succeeding. The SIP ALG needs to be enabled, either i... • https://kb.juniper.net/JSA70190 • CWE-911: Improper Update of Reference Count •
CVSS: 7.8EPSS: 0%CPEs: 109EXPL: 0CVE-2023-22413 – Junos OS: MX Series: The Multiservices PIC Management Daemon (mspmand) will crash when an IPsec6 tunnel processes specific IPv4 packets
https://notcve.org/view.php?id=CVE-2023-22413
12 Jan 2023 — An Improper Check or Handling of Exceptional Conditions vulnerability in the IPsec library of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause Denial of Service (DoS). On all MX platforms with MS-MPC or MS-MIC card, when specific IPv4 packets are processed by an IPsec6 tunnel, the Multiservices PIC Management Daemon (mspmand) process will core and restart. This will lead to FPC crash. Traffic flow is impacted while mspmand restarts. Continued receipt of these specific pack... • https://kb.juniper.net/JSA70209 • CWE-703: Improper Check or Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 150EXPL: 1CVE-2023-22415 – Junos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash when specific H.323 packets are received
https://notcve.org/view.php?id=CVE-2023-22415
12 Jan 2023 — An Out-of-Bounds Write vulnerability in the H.323 ALG of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all MX Series and SRX Series platform, when H.323 ALG is enabled and specific H.323 packets are received simultaneously, a flow processing daemon (flowd) crash will occur. Continued receipt of these specific packets will cause a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS on MX Series and SRX S... • https://kb.juniper.net/JSA70211 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 214EXPL: 1CVE-2022-22249 – Junos OS: MX Series: An FPC crash might be seen due to mac-moves within the same bridge domain
https://notcve.org/view.php?id=CVE-2022-22249
18 Oct 2022 — An Improper Control of a Resource Through its Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). When there is a continuous mac move a memory corruption causes one or more FPCs to crash and reboot. These MAC moves can be between two local interfaces or between core/EVPN and local interface. The below error logs can be seen in PFE syslog when this issue happens: xss_event_handle... • https://kb.juniper.net/JSA69906 • CWE-664: Improper Control of a Resource Through its Lifetime •