CVSS: 8.7EPSS: 0%CPEs: 14EXPL: 0CVE-2024-39525 – Junos OS and Junos OS Evolved: When BGP traceoptions is enabled, receipt of specially crafted BGP packet causes RPD crash
https://notcve.org/view.php?id=CVE-2024-39525
09 Oct 2024 — An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specific BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems with BGP traceoptions enabled and requires a BGP session to be already ... • https://supportportal.juniper.net/JSA88102 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.7EPSS: 0%CPEs: 12EXPL: 0CVE-2024-39516 – Junos OS and Junos OS Evolved: With certain BGP options enabled, receipt of specifically malformed BGP update causes RPD crash
https://notcve.org/view.php?id=CVE-2024-39516
09 Oct 2024 — An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems with BGP traceoptions enabled. Systems without BGP traceoptions enabled are not af... • https://supportportal.juniper.net/JSA88100 • CWE-125: Out-of-bounds Read •
CVSS: 8.7EPSS: 0%CPEs: 12EXPL: 0CVE-2024-39515 – Junos OS and Junos OS Evolved: With BGP traceoptions enabled, receipt of specifically malformed BGP update causes RPD crash
https://notcve.org/view.php?id=CVE-2024-39515
09 Oct 2024 — An Improper Validation of Consistency within Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. In some cases, rpd fails to restart requiring a manual restart via the 'restart routi... • https://supportportal.juniper.net/JSA88099 • CWE-1288: Improper Validation of Consistency within Input •
CVSS: 8.7EPSS: 0%CPEs: 18EXPL: 0CVE-2024-39552 – Junos OS and Junos OS Evolved: Malformed BGP UPDATE causes RPD crash
https://notcve.org/view.php?id=CVE-2024-39552
11 Jul 2024 — An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a network based, unauthenticated attacker to cause the RPD process to crash leading to a Denial of Service (DoS). When a malformed BGP UPDATE packet is received over an established BGP session, RPD crashes and restarts. Continuous receipt of the malformed BGP UPDATE messages will create a sustained Denial of Service (DoS) condition for impacted devices. T... • https://supportportal.juniper.net/JSA75726 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.7EPSS: 0%CPEs: 16EXPL: 0CVE-2024-39549 – Junos OS and Junos OS Evolved: Receipt of malformed BGP path attributes leads to a memory leak
https://notcve.org/view.php?id=CVE-2024-39549
11 Jul 2024 — A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS). Consumed memory can be freed by manually restarting Routing Protocol Daemon (rpd). Memory utilization could be monitored by: user@host> show ... • https://supportportal.juniper.net/JSA83011 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2024-39543 – Junos OS and Junos OS Evolved: Receipt of a large RPKI-RTR PDU packet can cause rpd to crash
https://notcve.org/view.php?id=CVE-2024-39543
11 Jul 2024 — A Buffer Copy without Checking Size of Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to send specific RPKI-RTR packets resulting in a crash, creating a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects Junos OS: * All versions before 21.2R3-S8, * from 21.4 before 21.4R3-S8, * f... • https://supportportal.juniper.net/JSA83004 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-39541 – Junos OS and Junos OS Evolved: Inconsistent information in the TE database can lead to an rpd crash
https://notcve.org/view.php?id=CVE-2024-39541
11 Jul 2024 — An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). When conflicting information (IP or ISO addresses) about a node is added to the Traffic Engineering (TE) database and then a subsequent operation attempts to process these, rpd will crash and restart. This issue affects: Junos OS: * 22.4 versions before 22.4R3-S1, * 23.2 versions be... • https://supportportal.juniper.net/JSA83001 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-39538 – Junos OS Evolved: ACX7000 Series: When multicast traffic with a specific (S,G) is received evo-pfemand crashes
https://notcve.org/view.php?id=CVE-2024-39538
11 Jul 2024 — A Buffer Copy without Checking Size of Input vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).When multicast traffic with a specific, valid (S,G) is received, evo-pfemand crashes which leads to an outage of the affected FPC until it is manually recovered. This issue affects Junos OS Evolved on ACX7000 Series: * All versions before 21.2R3-S8-EVO, * 21.4-EVO versions b... • https://supportportal.juniper.net/JSA82998 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.9EPSS: 0%CPEs: 7EXPL: 0CVE-2024-39537 – Junos OS Evolved: ACX7000 Series: Ports which have been inadvertently exposed can be reached over the network
https://notcve.org/view.php?id=CVE-2024-39537
11 Jul 2024 — An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong initialization, specific processes which should only be able to communicate internally within the device can be reached over the network via open ports. This issue affects Junos OS Evolved on ACX 7000 Series: * All versions b... • https://supportportal.juniper.net/JSA82997 • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •
CVSS: 8.7EPSS: 0%CPEs: 8EXPL: 0CVE-2024-39531 – Junos OS Evolved: ACX 7000 Series: Protocol specific DDoS configuration affects other protocols
https://notcve.org/view.php?id=CVE-2024-39531
11 Jul 2024 — An Improper Handling of Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows a network-based, unauthenticated attacker to cause a Denial-of-Service (DoS). If a value is configured for DDoS bandwidth or burst parameters for any protocol in a queue, all protocols which share the same queue will have their bandwidth or burst value changed to the new value. If, for example, OSPF was configured with a certain bandwidth value, ISIS would also be... • https://supportportal.juniper.net/JSA82991 • CWE-229: Improper Handling of Values •