CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 0CVE-2024-39528 – Junos OS and Junos OS Evolved: Concurrent deletion of a routing-instance and receipt of an SNMP request cause an RPD crash
https://notcve.org/view.php?id=CVE-2024-39528
11 Jul 2024 — A Use After Free vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service (DoS).On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and at the same time a specific SNMP request is received, a segmentation fault occurs which causes rpd to crash and restart. This issue affects: Junos OS: * All versions before 21.2R3-S8, * 21.4 versions before 21.4R3... • https://supportportal.juniper.net/JSA82987 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 17EXPL: 0CVE-2024-39517 – Junos OS and Junos OS Evolved: Upon processing specific L2 traffic, rpd can hang in devices with EVPN/VXLAN configured
https://notcve.org/view.php?id=CVE-2024-39517
10 Jul 2024 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) on Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS). In an EVPN/VXLAN scenario, when a high amount specific Layer 2 packets are processed by the device, it can cause the Routing Protocol Daemon (rpd) to utilize all CPU resources which causes the device to hang. A manual restart of the rpd is required to restore servic... • https://supportportal.juniper.net/JSA79175 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2024-39514 – Junos OS and Junos OS Evolved: Receiving specific traffic on devices with EVPN-VPWS with IGMP-snooping enabled will cause the rpd to crash
https://notcve.org/view.php?id=CVE-2024-39514
10 Jul 2024 — An Improper Check or Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). An attacker can send specific traffic to the device, which causes the rpd to crash and restart. Continued receipt of this traffic will result in a sustained DoS condition. This issue only affects devices with an EVPN-VPWS instance with IGMP-snooping enabled. This issue affects... • https://supportportal.juniper.net/JSA82980 • CWE-703: Improper Check or Handling of Exceptional Conditions •
CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-39513 – Junos OS Evolved: Execution of a specific CLI command will cause a crash in the AFT manager
https://notcve.org/view.php?id=CVE-2024-39513
10 Jul 2024 — An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows a local, low-privileged attacker to cause a Denial of Service (DoS). When a specific "clear" command is run, the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) crashes and restarts. The crash impacts all traffic going through the FPCs, causing a DoS. Running the command repeatedly leads to a sustained DoS condition. This issue affects Junos OS Evolved: * All ve... • https://supportportal.juniper.net/JSA82978 • CWE-20: Improper Input Validation •
CVSS: 8.7EPSS: 0%CPEs: 5EXPL: 0CVE-2024-39562 – Junos OS Evolved: A high rate of SSH connections causes a Denial of Service
https://notcve.org/view.php?id=CVE-2024-39562
10 Jul 2024 — A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process, responsible for spawning SSH daemon (sshd) instances, of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service (DoS) by blocking SSH access for legitimate users. Continued receipt of these connections will create a sustained Denial of Service (DoS) condition. The issue is triggered when a high rate of concurrent SSH requests are received and terminated in a speci... • https://supportportal.juniper.net/JSA75724 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2024-39560 – Junos OS and Junos OS Evolved: Memory leak due to RSVP neighbor persistent error leading to kernel crash
https://notcve.org/view.php?id=CVE-2024-39560
10 Jul 2024 — An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent downstream RSVP neighbor to cause kernel memory exhaustion, leading to a kernel crash, resulting in a Denial of Service (DoS). The kernel memory leak and eventual crash will be seen when the downstream RSVP neighbor has a persistent error which will not be corrected. System kernel memory can be monitored through the use of the 'show s... • https://supportportal.juniper.net/JSA83020 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-39557 – Junos OS Evolved: MAC table changes cause a memory leak
https://notcve.org/view.php?id=CVE-2024-39557
10 Jul 2024 — An Uncontrolled Resource Consumption vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a memory leak, eventually exhausting all system memory, leading to a system crash and Denial of Service (DoS). Certain MAC table updates cause a small amount of memory to leak. Once memory utilization reaches its limit, the issue will result in a system crash and restart. To identify the issue, execute the CLI command: us... • https://supportportal.juniper.net/JSA83017 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0CVE-2024-39556 – Junos OS and Junos OS Evolved: Loading a malicious certificate from the CLI may result in a stack-based overflow
https://notcve.org/view.php?id=CVE-2024-39556
10 Jul 2024 — A Stack-Based Buffer Overflow vulnerability in Juniper Networks Junos OS and Juniper Networks Junos OS Evolved may allow a local, low-privileged attacker with access to the CLI the ability to load a malicious certificate file, leading to a limited Denial of Service (DoS) or privileged code execution. By exploiting the 'set security certificates' command with a crafted certificate file, a malicious attacker with access to the CLI could cause a crash of the command management daemon (mgd), limited to the loca... • https://supportportal.juniper.net/JSA83016 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.7EPSS: 0%CPEs: 14EXPL: 0CVE-2024-39555 – Junos OS and Junos OS Evolved: Receipt of a specific malformed BGP update causes the session to reset
https://notcve.org/view.php?id=CVE-2024-39555
10 Jul 2024 — An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sending a specific malformed BGP update message to cause the session to reset, resulting in a Denial of Service (DoS). Continued receipt and processing of these malformed BGP update messages will create a sustained Denial of Service (DoS) condition. Upon receipt of a BGP update message over an established BGP session containing a specifically ... • https://supportportal.juniper.net/JSA83015 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.2EPSS: 0%CPEs: 16EXPL: 0CVE-2024-39554 – Junos OS and Junos OS Evolved: BGP multipath incremental calculation is resulting in an rpd crash
https://notcve.org/view.php?id=CVE-2024-39554
10 Jul 2024 — A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to inject incremental routing updates when BGP multipath is enabled, causing rpd to crash and restart, resulting in a Denial of Service (DoS). Since this is a timing issue (race condition), the successful exploitation of this vulnerability is outside th... • https://supportportal.juniper.net/JSA83014 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •