CVSS: 7.1EPSS: 0%CPEs: 221EXPL: 0CVE-2021-31360 – Junos OS and Junos OS Evolved: Denial of Service vulnerability in local file processing
https://notcve.org/view.php?id=CVE-2021-31360
19 Oct 2021 — An improper privilege management vulnerability in the Juniper Networks Junos OS and Junos OS Evolved command-line interpreter (CLI) allows a low-privileged user to overwrite local files as root, possibly leading to a system integrity issue or Denial of Service (DoS). Depending on the files overwritten, exploitation of this vulnerability could lead to a sustained Denial of Service (DoS) condition, requiring manual user intervention to recover. Systems are only vulnerable if jdhcpd is running, which can be co... • https://kb.juniper.net/JSA11222 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 221EXPL: 0CVE-2021-31359 – Junos OS and Junos OS Evolved: Local Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2021-31359
19 Oct 2021 — A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to cause the Juniper DHCP daemon (jdhcpd) process to crash, resulting in a Denial of Service (DoS), or execute arbitrary commands as root. Continued processing of malicious input will repeatedly crash the system and sustain the Denial of Service (DoS) condition. Systems are only vulnerable if jdhcpd is running, which can be confirmed via the 'show system processes' command. For ex... • https://kb.juniper.net/JSA11222 • CWE-121: Stack-based Buffer Overflow CWE-269: Improper Privilege Management •
CVSS: 8.0EPSS: 0%CPEs: 132EXPL: 0CVE-2021-31355 – Junos OS: Stored Cross-Site Scripting (XSS) vulnerability in captive portal
https://notcve.org/view.php?id=CVE-2021-31355
19 Oct 2021 — A persistent cross-site scripting (XSS) vulnerability in the captive portal graphical user interface of Juniper Networks Junos OS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. This issue affects Juniper Networks Junos OS: All versions, including the following supported releases: 12.3X48 versions prior to 12.3X48-D1... • https://kb.juniper.net/JSA11220 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 89EXPL: 0CVE-2021-31354 – Junos OS and Junos OS Evolved: A vulnerability in the Juniper Agile License Client may allow an attacker to perform Remote Code Execution (RCE)
https://notcve.org/view.php?id=CVE-2021-31354
19 Oct 2021 — An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager) may allow an attacker to cause a partial Denial of Service (DoS), or lead to remote code execution (RCE). The vulnerability exists in the packet parsing logic on the client that processes the response from the server using a custom protocol. An attacker with control of a JAL Licens... • https://kb.juniper.net/JSA11219 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 1CVE-2021-31353 – Junos OS and Junos OS Evolved: RPD core upon receipt of specific BGP update
https://notcve.org/view.php?id=CVE-2021-31353
19 Oct 2021 — An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). Continued receipt and processing of the BGP update will create a sustained Denial of Service (DoS) condition. This issue affects very specific versions of Juniper Networks Junos OS: 19.3R3-S2; 19.4R3-S3; 20.2 versions 20.2R2-S3 and later, prior to... • https://kb.juniper.net/JSA11218 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.5EPSS: 0%CPEs: 47EXPL: 0CVE-2021-31351 – Junos OS: MX Series: Receipt of specific packet on MS-MPC/MS-MIC causes line card reset
https://notcve.org/view.php?id=CVE-2021-31351
19 Oct 2021 — An Improper Check for Unusual or Exceptional Conditions in packet processing on the MS-MPC/MS-MIC utilized by Juniper Networks Junos OS allows a malicious attacker to send a specific packet, triggering the MS-MPC/MS-MIC to reset, causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects specific versions of Juniper Networks Junos OS on MX Series: 17.3R3-S11; 17.4R2-S13; 17.4R3 prior to 17.4R3-S5; 18.1... • https://kb.juniper.net/JSA11216 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 9.0EPSS: 0%CPEs: 93EXPL: 0CVE-2021-31350 – Junos OS and Junos OS Evolved: Privilege escalation vulnerability in Juniper Extension Toolkit (JET)
https://notcve.org/view.php?id=CVE-2021-31350
19 Oct 2021 — An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. Thi... • https://kb.juniper.net/JSA11215 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2021-0299 – Junos OS: Kernel crash (vmcore) upon receipt of a malformed IPv6 packet
https://notcve.org/view.php?id=CVE-2021-0299
19 Oct 2021 — An Improper Handling of Exceptional Conditions vulnerability in the processing of a transit or directly received malformed IPv6 packet in Juniper Networks Junos OS results in a kernel crash, causing the device to restart, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems with IPv6 configured. Devices with only IPv4 configured are not vulnerable to this issue. This issue affects Juni... • https://kb.juniper.net/JSA11213 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 195EXPL: 0CVE-2021-0284 – Junos OS: Upon receipt of specific sequences of genuine packets destined to the device the kernel will crash and restart (vmcore)
https://notcve.org/view.php?id=CVE-2021-0284
17 Aug 2021 — A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS). By repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of Service (DoS) condition. The device will abnormally shut down as a result of these sent packets. A potential indicator of compromise will be the following message in the log files: "eventd[13955]: SYSTEM_ABNORMAL_SH... • https://kb.juniper.net/JSA11200 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.1EPSS: 0%CPEs: 204EXPL: 0CVE-2021-0295 – Junos OS: QFX10K Series: Denial of Service (DoS) upon receipt of DVMRP packets received on multi-homing ESI in VXLAN.
https://notcve.org/view.php?id=CVE-2021-0295
15 Jul 2021 — A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks Junos OS on the QFX10K Series switches allows an attacker to trigger a packet forwarding loop, leading to a partial Denial of Service (DoS). The issue is caused by DVMRP packets looping on a multi-homed Ethernet Segment Identifier (ESI) when VXLAN is configured. DVMRP packets received on a multi-homed ESI are sent to the peer, and then incorrectly forwarded out the same ESI, violating the split horizon rule. This i... • https://kb.juniper.net/JSA11208 • CWE-697: Incorrect Comparison •