CVSS: 7.5EPSS: 0%CPEs: 57EXPL: 0CVE-2022-22178 – Junos OS: MX and SRX series: Flowd core observed if the SIP ALG is enabled and a specific Session Initiation Protocol (SIP) packet is received
https://notcve.org/view.php?id=CVE-2022-22178
19 Jan 2022 — A Stack-based Buffer Overflow vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on MX Series and SRX series allows an unauthenticated networked attacker to cause a flowd crash and thereby a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. This issue can be triggered by a specific Session Initiation Protocol (SIP) invite packet if the SIP ALG is enabled. Due to this, the PIC will be rebooted and all traffic... • https://kb.juniper.net/JSA11284 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 57EXPL: 0CVE-2022-22175 – Junos OS: MX Series and SRX Series: The flowd daemon will crash if the SIP ALG is enabled and specific SIP messages are processed
https://notcve.org/view.php?id=CVE-2022-22175
19 Jan 2022 — An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated networked attacker to cause a flowprocessing daemon (flowd) crash and thereby a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. This issue can occur in a scenario where the SIP ALG is enabled and specific SIP messages are being processed simultaneously. This issue affects: Juniper Networks Junos OS on MX S... • https://kb.juniper.net/JSA11281 • CWE-667: Improper Locking •
CVSS: 9.8EPSS: 0%CPEs: 160EXPL: 0CVE-2022-22167 – Junos OS: SRX Series: If no-syn-check is enabled, traffic classified as UNKNOWN gets permitted by pre-id-default-policy
https://notcve.org/view.php?id=CVE-2022-22167
19 Jan 2022 — A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services Gateways may allow an attacker to bypass Juniper Deep Packet Inspection (JDPI) rules and access unauthorized networks or resources, when 'no-syn-check' is enabled on the device. While JDPI correctly classifies out-of-state asymmetric TCP flows as the dynamic-application UNKNOWN, this classification is not provided to the policy module properly and hence traffic continues to use the pre-id-default-policy, which is ... • https://kb.juniper.net/JSA11265 • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 104EXPL: 0CVE-2022-22153 – SRX Series and MX Series with SPC3: A high percentage of fragments might lead to high latency or packet drops
https://notcve.org/view.php?id=CVE-2022-22153
19 Jan 2022 — An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network attacker to cause latency in transit packet processing and even packet loss. If transit traffic includes a significant percentage (> 5%) of fragmented packets which need to be reassembled, high latency or packet drops might be observed. This issue af... • https://kb.juniper.net/JSA11261 • CWE-407: Inefficient Algorithmic Complexity CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.0EPSS: 0%CPEs: 166EXPL: 0CVE-2021-31373 – Junos OS: SRX Series: Persistent XSS vulnerability in J-Web
https://notcve.org/view.php?id=CVE-2021-31373
19 Oct 2021 — A persistent Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos OS on SRX Series, J-Web interface may allow a remote authenticated user to inject persistent and malicious scripts. An attacker can exploit this vulnerability to steal sensitive data and credentials from a web administration session, or hijack another user's active session to perform administrative actions. This issue affects: Juniper Networks Junos OS on SRX Series: 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R... • https://kb.juniper.net/JSA11238 • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 154EXPL: 0CVE-2021-31364 – Junos OS: SRX Series: The flowd process will crash if log session-close is configured and specific traffic is received
https://notcve.org/view.php?id=CVE-2021-31364
19 Oct 2021 — An Improper Check for Unusual or Exceptional Conditions vulnerability combined with a Race Condition in the flow daemon (flowd) of Juniper Networks Junos OS on SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2 allows an unauthenticated network based attacker sending specific traffic to cause a crash of the flowd/srxpfe process, responsible for traffic forwarding in SRX, which will cause a Denial of Service (DoS). Continued receipt and processing of this specific traffic will create a susta... • https://kb.juniper.net/JSA11226 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.5EPSS: 0%CPEs: 359EXPL: 0CVE-2021-0289 – Junos OS: User-defined ARP Policer isn't applied on Aggregated Ethernet (AE) interface until firewall process is restarted
https://notcve.org/view.php?id=CVE-2021-0289
15 Jul 2021 — When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer. To review the desired ARP Policers and actual state one can run the command "show inte... • https://kb.juniper.net/JSA11191 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 9.3EPSS: 0%CPEs: 319EXPL: 0CVE-2021-0275 – Junos OS: J-Web: Cross-site scripting attack allows an attacker to gain control of another users session.
https://notcve.org/view.php?id=CVE-2021-0275
22 Apr 2021 — A Cross-site Scripting (XSS) vulnerability in J-Web on Juniper Networks Junos OS allows an attacker to target another user's session thereby gaining access to the users session. The other user session must be active for the attack to succeed. Once successful, the attacker has the same privileges as the user. If the user has root privileges, the attacker may be able to gain full control of the device. This issue affects: Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S15 on EX Series; 12.3X48 vers... • https://kb.juniper.net/JSA11166 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 324EXPL: 0CVE-2021-0261 – Junos OS: Denial of Service vulnerability in J-Web and web based (HTTP/HTTPS) services caused by a high number of specific requests
https://notcve.org/view.php?id=CVE-2021-0261
22 Apr 2021 — A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Captive Portal allows an unauthenticated attacker to cause an extended Denial of Service (DoS) for these services by sending a high number of specific requests. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S17 on EX Series; 12.3X48 versions prior to 12.3X48-D105 on SRX Series; 15.1 versions prior to 15.1R7-S8; 15.1X49 ver... • https://kb.juniper.net/JSA11152 • CWE-125: Out-of-bounds Read CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 10.0EPSS: 0%CPEs: 127EXPL: 0CVE-2021-0249 – Junos OS: SRX Series: A remote attacker may be able to cause a PFE buffer overflow to arbitrarily remotely execute code or commands on the target device with UTM enabled.
https://notcve.org/view.php?id=CVE-2021-0249
22 Apr 2021 — On SRX Series devices configured with UTM services a buffer overflow vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS may allow an attacker to arbitrarily execute code or commands on the target to take over or otherwise impact the device by sending crafted packets to or through the device. This issue affects: Juniper Networks Junos OS on SRX Series: 15.1X49 versions prior to 15.1X49-D190; 17.4 versions prior to 17.4R2-S9; 17.4R3 and later versions prior to 18.1R3-S9; 18.2 ver... • https://kb.juniper.net/JSA11142 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •