CVSS: 8.7EPSS: 0%CPEs: 9EXPL: 0CVE-2024-39551 – Junos OS: SRX Series and MX Series with SPC3 and MS-MPC/MIC: Receipt of specific packets in H.323 ALG causes traffic drop
https://notcve.org/view.php?id=CVE-2024-39551
11 Jul 2024 — An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 and MS-MPC/MIC, allows an unauthenticated network-based attacker to send specific packets causing traffic loss leading to Denial of Service (DoS). Continued receipt and processing of these specific packets will sustain the Denial of Service condition. The memory usage can be monitored using the below command. user@host> show usp memory segment sha... • https://supportportal.juniper.net/JSA83013 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.7EPSS: 0%CPEs: 16EXPL: 0CVE-2024-39549 – Junos OS and Junos OS Evolved: Receipt of malformed BGP path attributes leads to a memory leak
https://notcve.org/view.php?id=CVE-2024-39549
11 Jul 2024 — A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS). Consumed memory can be freed by manually restarting Routing Protocol Daemon (rpd). Memory utilization could be monitored by: user@host> show ... • https://supportportal.juniper.net/JSA83011 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.7EPSS: 0%CPEs: 9EXPL: 0CVE-2024-39545 – Junos OS: SRX Series, MX Series with SPC3 and NFX350: When VPN tunnels parameters are not configured in specific way the iked process will crash
https://notcve.org/view.php?id=CVE-2024-39545
11 Jul 2024 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon (iked) of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350 allows allows an unauthenticated, network-based attacker sending specific mismatching parameters as part of the IPsec negotiation to trigger an iked crash leading to Denial of Service (DoS). This issue is applicable to all platforms that run iked. This issue affects Junos OS on SRX Series, MX Series with SPC3 and NFX350: * All versions ... • https://supportportal.juniper.net/JSA83007 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2024-39543 – Junos OS and Junos OS Evolved: Receipt of a large RPKI-RTR PDU packet can cause rpd to crash
https://notcve.org/view.php?id=CVE-2024-39543
11 Jul 2024 — A Buffer Copy without Checking Size of Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to send specific RPKI-RTR packets resulting in a crash, creating a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects Junos OS: * All versions before 21.2R3-S8, * from 21.4 before 21.4R3-S8, * f... • https://supportportal.juniper.net/JSA83004 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.7EPSS: 0%CPEs: 6EXPL: 0CVE-2024-39542 – Junos OS and Junos OS Evolved: A malformed CFM packet or specific transit traffic leads to FPC crash
https://notcve.org/view.php?id=CVE-2024-39542
11 Jul 2024 — An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MPC10/11 or LC9600, MX304, and Junos OS Evolved on ACX Series and PTX Series allows an unauthenticated, network based attacker to cause a Denial-of-Service (DoS). This issue can occur in two scenarios: 1. If a device, which is configured with SFLOW and ECMP, receives specific valid transit traffic, which is subject to sampling, the packetio process crash... • https://supportportal.juniper.net/JSA83002 • CWE-1286: Improper Validation of Syntactic Correctness of Input •
CVSS: 6.0EPSS: 0%CPEs: 7EXPL: 0CVE-2024-39539 – Junos OS: MX Series: Continuous subscriber logins will lead to a memory leak and eventually an FPC crash
https://notcve.org/view.php?id=CVE-2024-39539
11 Jul 2024 — A Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). In a subscriber management scenario continuous subscriber logins will trigger a memory leak and eventually lead to an FPC crash and restart. This issue affects Junos OS on MX Series: * All version before 21.2R3-S6, * 21.4 versions before 21.4R3-S6, * 22.1 versions before 22.1R3-S5, * 22.2 versions before 22.2R3-S3, * 22.3... • https://supportportal.juniper.net/JSA82999 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.0EPSS: 0%CPEs: 13EXPL: 0CVE-2024-39536 – Junos OS and Junos OS Evolved: Flaps of BFD sessions with authentication cause a ppmd memory leak
https://notcve.org/view.php?id=CVE-2024-39536
11 Jul 2024 — A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet Management Daemon (ppmd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). When a BFD session configured with authentication flaps, ppmd memory can leak. Whether the leak happens depends on a race condition which is outside the attackers control. This issue only affects BFD operating in distributed aka delegated (which is the default behavi... • https://supportportal.juniper.net/JSA82996 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.9EPSS: 0%CPEs: 7EXPL: 0CVE-2024-39533 – Junos OS: QFX5000 Series and EX4600 Series: Output firewall filter is not applied if certain match criteria are used
https://notcve.org/view.php?id=CVE-2024-39533
11 Jul 2024 — An Unimplemented or Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an unauthenticated, network-based attacker to cause a minor integrity impact to downstream networks.If one or more of the following match conditions ip-source-address ip-destination-address arp-type which are not supported for this type of filter, are used in an ethernet switching filter, and then this filter is applied as an output filter, the configuration can be committe... • https://supportportal.juniper.net/JSA82993 • CWE-447: Unimplemented or Unsupported Feature in UI •
CVSS: 6.3EPSS: 0%CPEs: 11EXPL: 0CVE-2024-39532 – Junos OS and Junos OS Evolved: Confidential information in logs can be accessed by another user
https://notcve.org/view.php?id=CVE-2024-39532
11 Jul 2024 — An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to access sensitive information. When another user performs a specific operation, sensitive information is stored as plain text in a specific log file, so that a high-privileged attacker has access to this information. This issue affects: Junos OS: * All versions before 21.2R3-S9; * 21.4 versions before 21.4R3-S9; * 22.2 versions befo... • https://supportportal.juniper.net/JSA82992 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 8.7EPSS: 0%CPEs: 5EXPL: 0CVE-2024-39529 – Junos OS: SRX Series: If DNS traceoptions are configured in a DGA or tunnel detection scenario specific DNS traffic leads to a PFE crash
https://notcve.org/view.php?id=CVE-2024-39529
11 Jul 2024 — A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If DNS Domain Generation Algorithm (DGA) detection or tunnel detection, and DNS-filtering traceoptions are configured, and specific valid transit DNS traffic is received this causes a PFE crash and restart, leading to a Denial of Service. This issue affects Junos OS: * All versions bef... • https://supportportal.juniper.net/JSA82988 • CWE-134: Use of Externally-Controlled Format String •