CVSS: 8.7EPSS: 0%CPEs: 18EXPL: 0CVE-2024-39552 – Junos OS and Junos OS Evolved: Malformed BGP UPDATE causes RPD crash
https://notcve.org/view.php?id=CVE-2024-39552
11 Jul 2024 — An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a network based, unauthenticated attacker to cause the RPD process to crash leading to a Denial of Service (DoS). When a malformed BGP UPDATE packet is received over an established BGP session, RPD crashes and restarts. Continuous receipt of the malformed BGP UPDATE messages will create a sustained Denial of Service (DoS) condition for impacted devices. T... • https://supportportal.juniper.net/JSA75726 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.7EPSS: 0%CPEs: 9EXPL: 0CVE-2024-39551 – Junos OS: SRX Series and MX Series with SPC3 and MS-MPC/MIC: Receipt of specific packets in H.323 ALG causes traffic drop
https://notcve.org/view.php?id=CVE-2024-39551
11 Jul 2024 — An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 and MS-MPC/MIC, allows an unauthenticated network-based attacker to send specific packets causing traffic loss leading to Denial of Service (DoS). Continued receipt and processing of these specific packets will sustain the Denial of Service condition. The memory usage can be monitored using the below command. user@host> show usp memory segment sha... • https://supportportal.juniper.net/JSA83013 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-39550 – Junos OS: MX Series with SPC3 line card: Port flaps causes rtlogd memory leak leading to Denial of Service
https://notcve.org/view.php?id=CVE-2024-39550
11 Jul 2024 — A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of Juniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause ( which can be done by repeated port flaps) to cause a slow memory leak, ultimately leading to a Denial of Service (DoS). Memory can only be recovered by manually restarting rtlogd process. The memory usage can be monitored using the below command. user@host> show system processes extensive |... • https://supportportal.juniper.net/JSA83012 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.7EPSS: 0%CPEs: 16EXPL: 0CVE-2024-39549 – Junos OS and Junos OS Evolved: Receipt of malformed BGP path attributes leads to a memory leak
https://notcve.org/view.php?id=CVE-2024-39549
11 Jul 2024 — A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS). Consumed memory can be freed by manually restarting Routing Protocol Daemon (rpd). Memory utilization could be monitored by: user@host> show ... • https://supportportal.juniper.net/JSA83011 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2024-39543 – Junos OS and Junos OS Evolved: Receipt of a large RPKI-RTR PDU packet can cause rpd to crash
https://notcve.org/view.php?id=CVE-2024-39543
11 Jul 2024 — A Buffer Copy without Checking Size of Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to send specific RPKI-RTR packets resulting in a crash, creating a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects Junos OS: * All versions before 21.2R3-S8, * from 21.4 before 21.4R3-S8, * f... • https://supportportal.juniper.net/JSA83004 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-39541 – Junos OS and Junos OS Evolved: Inconsistent information in the TE database can lead to an rpd crash
https://notcve.org/view.php?id=CVE-2024-39541
11 Jul 2024 — An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). When conflicting information (IP or ISO addresses) about a node is added to the Traffic Engineering (TE) database and then a subsequent operation attempts to process these, rpd will crash and restart. This issue affects: Junos OS: * 22.4 versions before 22.4R3-S1, * 23.2 versions be... • https://supportportal.juniper.net/JSA83001 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.0EPSS: 0%CPEs: 7EXPL: 0CVE-2024-39539 – Junos OS: MX Series: Continuous subscriber logins will lead to a memory leak and eventually an FPC crash
https://notcve.org/view.php?id=CVE-2024-39539
11 Jul 2024 — A Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). In a subscriber management scenario continuous subscriber logins will trigger a memory leak and eventually lead to an FPC crash and restart. This issue affects Junos OS on MX Series: * All version before 21.2R3-S6, * 21.4 versions before 21.4R3-S6, * 22.1 versions before 22.1R3-S5, * 22.2 versions before 22.2R3-S3, * 22.3... • https://supportportal.juniper.net/JSA82999 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.9EPSS: 0%CPEs: 7EXPL: 0CVE-2024-39533 – Junos OS: QFX5000 Series and EX4600 Series: Output firewall filter is not applied if certain match criteria are used
https://notcve.org/view.php?id=CVE-2024-39533
11 Jul 2024 — An Unimplemented or Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an unauthenticated, network-based attacker to cause a minor integrity impact to downstream networks.If one or more of the following match conditions ip-source-address ip-destination-address arp-type which are not supported for this type of filter, are used in an ethernet switching filter, and then this filter is applied as an output filter, the configuration can be committe... • https://supportportal.juniper.net/JSA82993 • CWE-447: Unimplemented or Unsupported Feature in UI •
CVSS: 8.7EPSS: 0%CPEs: 5EXPL: 0CVE-2024-39529 – Junos OS: SRX Series: If DNS traceoptions are configured in a DGA or tunnel detection scenario specific DNS traffic leads to a PFE crash
https://notcve.org/view.php?id=CVE-2024-39529
11 Jul 2024 — A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If DNS Domain Generation Algorithm (DGA) detection or tunnel detection, and DNS-filtering traceoptions are configured, and specific valid transit DNS traffic is received this causes a PFE crash and restart, leading to a Denial of Service. This issue affects Junos OS: * All versions bef... • https://supportportal.juniper.net/JSA82988 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 0CVE-2024-39528 – Junos OS and Junos OS Evolved: Concurrent deletion of a routing-instance and receipt of an SNMP request cause an RPD crash
https://notcve.org/view.php?id=CVE-2024-39528
11 Jul 2024 — A Use After Free vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service (DoS).On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and at the same time a specific SNMP request is received, a segmentation fault occurs which causes rpd to crash and restart. This issue affects: Junos OS: * All versions before 21.2R3-S8, * 21.4 versions before 21.4R3... • https://supportportal.juniper.net/JSA82987 • CWE-416: Use After Free •