CVSS: 7.4EPSS: 0%CPEs: 73EXPL: 1CVE-2021-0217 – Junos OS: EX Series and QFX Series: Memory leak issue processing specific DHCP packets
https://notcve.org/view.php?id=CVE-2021-0217
15 Jan 2021 — A vulnerability in processing of certain DHCP packets from adjacent clients on EX Series and QFX Series switches running Juniper Networks Junos OS with DHCP local/relay server configured may lead to exhaustion of DMA memory causing a Denial of Service (DoS). Over time, exploitation of this vulnerability may cause traffic to stop being forwarded, or to crashing of the fxpc process. When Packet DMA heap utilization reaches 99%, the system will become unstable. Packet DMA heap utilization can be monitored thro... • https://kb.juniper.net/JSA11107 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 155EXPL: 0CVE-2021-0207 – NFX250, NFX350, QFX5K Series, EX2300 Series, EX3400 Series, EX4300 Multigigabit, EX4600 Series: Certain genuine traffic received by the Junos OS device will be discarded instead of forwarded.
https://notcve.org/view.php?id=CVE-2021-0207
15 Jan 2021 — An improper interpretation conflict of certain data between certain software components within the Juniper Networks Junos OS devices does not allow certain traffic to pass through the device upon receipt from an ingress interface filtering certain specific types of traffic which is then being redirected to an egress interface on a different VLAN. This causes a Denial of Service (DoS) to those clients sending these particular types of traffic. Such traffic being sent by a client may appear genuine, but is no... • https://kb.juniper.net/JSA11097 • CWE-115: Misinterpretation of Input CWE-436: Interpretation Conflict •
CVSS: 8.6EPSS: 0%CPEs: 208EXPL: 0CVE-2021-0203 – Junos OS: EX and QFX5K Series: Storm Control does not work as expected when Redundant Trunk Group is configured
https://notcve.org/view.php?id=CVE-2021-0203
15 Jan 2021 — On Juniper Networks EX and QFX5K Series platforms configured with Redundant Trunk Group (RTG), Storm Control profile applied on the RTG interface might not take affect when it reaches the threshold condition. Storm Control enables the device to monitor traffic levels and to drop broadcast, multicast, and unknown unicast packets when a specified traffic level is exceeded, thus preventing packets from proliferating and degrading the LAN. Note: this issue does not affect EX2200, EX3300, EX4200, and EX9200 Seri... • https://kb.juniper.net/JSA11093 • CWE-794: Incomplete Filtering of Multiple Instances of Special Elements •
CVSS: 6.5EPSS: 0%CPEs: 135EXPL: 0CVE-2020-1689 – Junos OS: EX4300-MP/EX4600/QFX5K Series: High CPU load due to receipt of specific layer 2 frames when deployed in a Virtual Chassis configuration
https://notcve.org/view.php?id=CVE-2020-1689
16 Oct 2020 — On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in a Virtual Chassis configuration, receipt of a stream of specific layer 2 frames can cause high CPU load, which could lead to traffic interruption. This issue does not occur when the device is deployed in Stand Alone configuration. The offending layer 2 frame packets can originate only from within the broadcast domain where the device is connected. This issue affects Juniper Networks Junos OS on EX4300-MP Series, EX4600 Series a... • https://kb.juniper.net/JSA11086 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.8EPSS: 0%CPEs: 64EXPL: 0CVE-2020-1685 – Junos OS: EX4600, QFX5K Series: Stateless firewall filter matching 'user-vlan-id' will cause incomplete discard action
https://notcve.org/view.php?id=CVE-2020-1685
16 Oct 2020 — When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series devices using Virtual Extensible LAN protocol (VXLAN), the discard action will fail to discard traffic under certain conditions. Given a firewall filter configuration similar to: family ethernet-switching { filter L2-VLAN { term ALLOW { from { user-vlan-id 100; } then { accept; } } term NON-MATCH { then { discard; } } when there is only one term containing a 'user-vlan-id' match condition, and no other terms in the fi... • https://kb.juniper.net/JSA11082 • CWE-203: Observable Discrepancy •
CVSS: 7.5EPSS: 0%CPEs: 122EXPL: 0CVE-2020-1679 – Junos OS: PTX/QFX Series: Kernel Routing Table (KRT) queue stuck after packet sampling a malformed packet when the tunnel-observation mpls-over-udp configuration is enabled.
https://notcve.org/view.php?id=CVE-2020-1679
16 Oct 2020 — On Juniper Networks PTX and QFX Series devices with packet sampling configured using tunnel-observation mpls-over-udp, sampling of a malformed packet can cause the Kernel Routing Table (KRT) queue to become stuck. KRT is the module within the Routing Process Daemon (RPD) that synchronized the routing tables with the forwarding tables in the kernel. This table is then synchronized to the Packet Forwarding Engine (PFE) via the KRT queue. Thus, when KRT queue become stuck, it can lead to unexpected packet forw... • https://kb.juniper.net/JSA11076 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 237EXPL: 0CVE-2020-1661 – Junos OS: jdhcpd process crash when forwarding a malformed DHCP packet.
https://notcve.org/view.php?id=CVE-2020-1661
16 Oct 2020 — On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon (jdhcp) process might crash when receiving a malformed DHCP packet. This issue only affects devices configured as DHCP forwarder with forward-only option, that forward specified DHCP client packets, without creating a new subscriber session. The jdhcpd daemon automatically restarts without intervention, but continuous receipt of the malformed DHCP packet will repeatedly crash ... • https://kb.juniper.net/JSA11056 •
CVSS: 6.9EPSS: 0%CPEs: 218EXPL: 0CVE-2020-1618 – Junos OS: EX and QFX Series: Console port authentication bypass vulnerability
https://notcve.org/view.php?id=CVE-2020-1618
08 Apr 2020 — On Juniper Networks EX and QFX Series, an authentication bypass vulnerability may allow a user connected to the console port to login as root without any password. This issue might only occur in certain scenarios: • At the first reboot after performing device factory reset using the command “request system zeroize”; or • A temporary moment during the first reboot after the software upgrade when the device configured in Virtual Chassis mode. This issue affects Juniper Networks Junos OS on EX and QFX Series: ... • https://kb.juniper.net/JSA11001 • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 8.6EPSS: 0%CPEs: 344EXPL: 0CVE-2020-1613 – Junos OS: BGP session termination upon receipt of specific BGP FlowSpec advertisement.
https://notcve.org/view.php?id=CVE-2020-1613
08 Apr 2020 — A vulnerability in the BGP FlowSpec implementation may cause a Juniper Networks Junos OS device to terminate an established BGP session upon receiving a specific BGP FlowSpec advertisement. The BGP NOTIFICATION message that terminates an established BGP session is sent toward the peer device that originally sent the specific BGP FlowSpec advertisement. This specific BGP FlowSpec advertisement received from a BGP peer might get propagated from a Junos OS device running the fixed release to another device tha... • https://kb.juniper.net/JSA10996 • CWE-710: Improper Adherence to Coding Standards •
CVSS: 7.5EPSS: 0%CPEs: 278EXPL: 0CVE-2020-1607 – Junos OS: Cross-Site Scripting (XSS) in J-Web
https://notcve.org/view.php?id=CVE-2020-1607
15 Jan 2020 — Insufficient Cross-Site Scripting (XSS) protection in J-Web may potentially allow a remote attacker to inject web script or HTML, hijack the target user's J-Web session and perform administrative actions on the Junos device as the targeted user. This issue affects Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12.3X48-D86, 12.3X48-D90 on SRX Series; 14.1X53 versions prior to 14.1X53-D51 on EX and QFX Series; 15.1F6 versions prior to 15.1F6-S13; 15.1 versions prior to... • https://kb.juniper.net/JSA10986 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •