CVSS: 5.9EPSS: 0%CPEs: 41EXPL: 0CVE-2022-22213 – Junos OS and Junos OS Evolved: Denial of Service (DoS) vulnerability in RPD upon receipt of specific BGP update
https://notcve.org/view.php?id=CVE-2022-22213
A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to crash the RPD process by sending a specific BGP update while the system is under heavy load, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Malicious exploitation of this issue requires a very specific combination of load, timing, and configuration of the vulnerable system which is beyond the direct control of the attacker. Internal reproduction has only been possible through artificially created load and specially instrumented source code. Systems are only vulnerable to this issue if BGP multipath is enabled. • https://kb.juniper.net/JSA69717 • CWE-232: Improper Handling of Undefined Values •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2022-22212 – Junos OS Evolved: A high rate of specific hostbound traffic will cause unexpected hostbound traffic delays or drops
https://notcve.org/view.php?id=CVE-2022-22212
An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows unauthenticated network based attacker to cause a Denial of Service (DoS). On all Junos Evolved platforms hostbound protocols will be impacted by a high rate of specific hostbound traffic from ports on a PFE. Continued receipt of this amount of traffic will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS Evolved: 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 21.2R1. • https://kb.juniper.net/JSA69716 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2022-22195 – Junos OS Evolved: Specific packets reaching the RE lead to a counter overflow and eventually a crash
https://notcve.org/view.php?id=CVE-2022-22195
An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service (DoS). This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S1-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS. Una vulnerabilidad de Actualización Inapropiada del Recuento de Referencias en el kernel de Juniper Networks Junos OS Evolved permite a un atacante no autenticado y basado en la red desencadenar un desbordamiento del contador, causando eventualmente una Denegación de Servicio (DoS). Este problema afecta a Juniper Networks Junos OS Evolved: Todas las versiones anteriores a 20.4R3-S1-EVO; versiones 21.1 anteriores a 21.1R3-EVO; versiones 21.2 anteriores a 21.2R3-EVO; versiones 21.3 anteriores a 21.3R2-EVO. • https://kb.juniper.net/JSA69508 • CWE-911: Improper Update of Reference Count •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2022-22183 – Junos OS Evolved: A remote attacker may cause a CPU Denial of Service by sending genuine traffic to a device on a specific IPv4 port.
https://notcve.org/view.php?id=CVE-2022-22183
An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-S2-EVO; 21.1 versions prior to 21.1R3-S1-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO; 21.4 versions prior to 21.4R2-EVO. This issue does not affect Junos OS. Una vulnerabilidad de Control de Acceso Inapropiado en Juniper Networks Junos OS Evolved permite que un atacante no autenticado basado en la red que sea capaz de conectarse a un puerto IPv4 abierto específico, que en las versiones afectadas debería ser inalcanzable de otro modo, cause que la CPU consuma todos los recursos a medida que es enviado más tráfico al puerto para crear una condición de Denegación de Servicio (DoS). • https://kb.juniper.net/JSA69516 • CWE-16: Configuration CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 236EXPL: 0CVE-2022-22177 – Junos OS and Junos OS Evolved: After receiving a specific number of crafted packets snmpd will segmentation fault (SIGSEGV) requiring a manual restart.
https://notcve.org/view.php?id=CVE-2022-22177
A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daemon causing a sustained Denial of Service (DoS) to the service until it is manually restarted. This issue impacts any version of SNMP – v1,v2, v3 This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S20; 15.1 versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S5, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S2, 21.1R3; 21.2 versions prior to 21.2R1-S2, 21.2R2. Juniper Networks Junos OS Evolved 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. Una vulnerabilidad de liberación de memoria ilegal en el demonio snmpd de Juniper Networks Junos OS, Junos OS Evolved permite a un atacante detener el demonio snmpd causando una denegación de servicio (DoS) sostenida al servicio hasta que sea reiniciada manualmente. Este problema afecta a cualquier versión de SNMP: v1, v2, v3: Juniper Networks Junos OS 12.3 versiones anteriores a 12.3R12-S20; 15.1 versiones anteriores a 15.1R7-S11; 18.3 versiones anteriores a 18.3R3-S6; 18.4 versiones anteriores a 18.4R2-S9, 18.4R3-S10; 19.1 versiones anteriores a 19.1R2-S3, 19.1R3-S7; 19.2 versiones anteriores a 19.2R1-S8, 19.2R3-S4; 19. 3 versiones anteriores a 19.3R3-S4; 19.4 versiones anteriores a 19.4R2-S5, 19.4R3-S6; 20.1 versiones anteriores a 20.1R3-S2; versiones 20.2 anteriores a 20.2R3-S3; versiones 20.3 anteriores a 20.3R3-S1; versiones 20.4 anteriores a 20.4R3; versiones 21.1 anteriores a 21.1R2-S2, 21.1R3; 21.2 versiones anteriores a 21.2R1-S2, 21.2R2. • https://kb.juniper.net/JSA11283 https://www.juniper.net/documentation/us/en/software/junos/network-mgmt/topics/ref/statement/client-list-edit-snmp.html • CWE-755: Improper Handling of Exceptional Conditions •