CVSS: 8.7EPSS: 0%CPEs: 12EXPL: 0CVE-2024-47491 – Junos OS and Junos OS Evolved: Receipt of a specific malformed BGP path attribute leads to an RPD crash
https://notcve.org/view.php?id=CVE-2024-47491
11 Oct 2024 — An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause Denial of Service (DoS). When a BGP UPDATE with malformed path attribute is received over an established BGP session, rpd crashes and restarts. Continuous receipt of a BGP UPDATE with a specifically malformed path attribute will create a sustained Denial of Service (DoS) condition for impacted devices. Th... • https://supportportal.juniper.net • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-47490 – Junos OS Evolved: ACX 7000 Series: Receipt of specific transit MPLS packets causes resources to be exhausted
https://notcve.org/view.php?id=CVE-2024-47490
11 Oct 2024 — An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network based attacker to cause increased consumption of resources, ultimately resulting in a Denial of Service (DoS). When specific transit MPLS packets are received by the PFE, these packets are internally forwarded to the Routing Engine (RE), rather than being handled appropriately. Continuous receipt ... • https://supportportal.juniper.net/JSA83009 • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •
CVSS: 6.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-47489 – Junos OS Evolved: ACX Series: Receipt of specific transit protocol packets is incorrectly processed by the RE
https://notcve.org/view.php?id=CVE-2024-47489
11 Oct 2024 — An Improper Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of the Juniper Networks Junos OS Evolved on ACX Series devices allows an unauthenticated, network based attacker sending specific transit protocol traffic to cause a partial Denial of Service (DoS) to downstream devices. Receipt of specific transit protocol packets is incorrectly processed by the Routing Engine (RE), filling up the DDoS protection queue which is shared between routing protocols. This influx of... • https://supportportal.juniper.net • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.7EPSS: 0%CPEs: 13EXPL: 0CVE-2024-39547 – Junos OS and Junos OS Evolved: cRPD: Receipt of crafted TCP traffic can trigger high CPU utilization
https://notcve.org/view.php?id=CVE-2024-39547
11 Oct 2024 — An Improper Handling of Exceptional Conditions vulnerability in the rpd-server of Juniper Networks Junos OS and Junos OS Evolved within cRPD allows an unauthenticated network-based attacker sending crafted TCP traffic to the routing engine (RE) to cause a CPU-based Denial of Service (DoS). If specially crafted TCP traffic is received by the control plane, or a TCP session terminates unexpectedly, it will cause increased control plane CPU utilization by the rpd-server process. While not explicitly required, ... • https://supportportal.juniper.net/JSA88108 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.1EPSS: 0%CPEs: 9EXPL: 0CVE-2024-39544 – Junos OS Evolved: Low privileged local user able to view NETCONF traceoptions files
https://notcve.org/view.php?id=CVE-2024-39544
11 Oct 2024 — An Incorrect Default Permissions vulnerability in the command line interface (CLI) of Juniper Networks Junos OS Evolved allows a low privileged local attacker to view NETCONF traceoptions files, representing an exposure of sensitive information. On all Junos OS Evolved platforms, when NETCONF traceoptions are configured, NETCONF traceoptions files get created with an incorrect group permission, which allows a low-privileged user can access sensitive information compromising the confidentiality of the system... • https://supportportal.juniper.net/JSA88106 • CWE-276: Incorrect Default Permissions •
CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2024-39534 – Junos OS Evolved: Connections to the network and broadcast address accepted
https://notcve.org/view.php?id=CVE-2024-39534
11 Oct 2024 — An Incorrect Comparison vulnerability in the local address verification API of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker to create sessions or send traffic to the device using the network and broadcast address of the subnet assigned to an interface. This is unintended and unexpected behavior and can allow an attacker to bypass certain compensating controls, such as stateless firewall filters. This issue affects Junos OS Evolved: * All versions before 21.4R3-S8-EVO... • https://supportportal.juniper.net/JSA88105 • CWE-697: Incorrect Comparison •
CVSS: 7.1EPSS: 0%CPEs: 13EXPL: 0CVE-2024-39526 – Junos OS and Junos OS Evolved: MX Series with MPC10/MPC11/LC9600, MX304, EX9200, PTX Series: Receipt of malformed DHCP packets causes interfaces to stop processing packets
https://notcve.org/view.php?id=CVE-2024-39526
11 Oct 2024 — An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on MX Series with MPC10/MPC11/LC9600 line cards, EX9200 with EX9200-15C lines cards, MX304 devices, and Juniper Networks Junos OS Evolved on PTX Series, allows an attacker sending malformed DHCP packets to cause ingress packet processing to stop, leading to a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This is... • https://supportportal.juniper.net/JSA88103 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.7EPSS: 0%CPEs: 14EXPL: 0CVE-2024-39525 – Junos OS and Junos OS Evolved: When BGP traceoptions is enabled, receipt of specially crafted BGP packet causes RPD crash
https://notcve.org/view.php?id=CVE-2024-39525
09 Oct 2024 — An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specific BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems with BGP traceoptions enabled and requires a BGP session to be already ... • https://supportportal.juniper.net/JSA88102 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.7EPSS: 0%CPEs: 12EXPL: 0CVE-2024-39516 – Junos OS and Junos OS Evolved: With certain BGP options enabled, receipt of specifically malformed BGP update causes RPD crash
https://notcve.org/view.php?id=CVE-2024-39516
09 Oct 2024 — An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems with BGP traceoptions enabled. Systems without BGP traceoptions enabled are not af... • https://supportportal.juniper.net/JSA88100 • CWE-125: Out-of-bounds Read •
CVSS: 8.7EPSS: 0%CPEs: 12EXPL: 0CVE-2024-39515 – Junos OS and Junos OS Evolved: With BGP traceoptions enabled, receipt of specifically malformed BGP update causes RPD crash
https://notcve.org/view.php?id=CVE-2024-39515
09 Oct 2024 — An Improper Validation of Consistency within Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. In some cases, rpd fails to restart requiring a manual restart via the 'restart routi... • https://supportportal.juniper.net/JSA88099 • CWE-1288: Improper Validation of Consistency within Input •