CVSS: 5.8EPSS: 0%CPEs: 83EXPL: 0CVE-2023-28961 – Junos OS: ACX Series: IPv6 firewall filter is not installed in PFE when "from next-header ah" is used
https://notcve.org/view.php?id=CVE-2023-28961
17 Apr 2023 — An Improper Handling of Unexpected Data Type vulnerability in IPv6 firewall filter processing of Juniper Networks Junos OS on the ACX Series devices will prevent a firewall filter with the term 'from next-header ah' from being properly installed in the packet forwarding engine (PFE). There is no immediate indication of an incomplete firewall filter commit shown at the CLI, which could allow an attacker to send valid packets to or through the device that were explicitly intended to be dropped. An indication ... • https://supportportal.juniper.net/JSA70586 • CWE-241: Improper Handling of Unexpected Data Type •
CVSS: 10.0EPSS: 0%CPEs: 138EXPL: 0CVE-2023-28962 – Junos OS: Unauthenticated access vulnerability in J-Web
https://notcve.org/view.php?id=CVE-2023-28962
17 Apr 2023 — An Improper Authentication vulnerability in upload-file.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to upload arbitrary files to temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to 19.4R3-S11; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S7; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3-S6; 21.1 version 21.1R1 and later versions; 21.2 versions ... • https://supportportal.juniper.net/JSA70587 • CWE-287: Improper Authentication CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.3EPSS: 0%CPEs: 138EXPL: 0CVE-2023-28963 – Junos OS: User-controlled input vulnerability in J-Web
https://notcve.org/view.php?id=CVE-2023-28963
17 Apr 2023 — An Improper Authentication vulnerability in cert-mgmt.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to read arbitrary files from temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to 19.1R3-S10; 19.2 versions prior to 19.2R3-S7; 19.3 versions prior to 19.3R3-S8; 19.4 versions prior to 19.4R3-S11; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S7; 20.3 version 20.3R1 and lat... • https://supportportal.juniper.net/JSA70587 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 176EXPL: 0CVE-2023-28964 – Junos OS and Junos OS Evolved: Malformed BGP flowspec update causes RPD crash
https://notcve.org/view.php?id=CVE-2023-28964
17 Apr 2023 — An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network based, unauthenticated attacker to cause an RPD crash leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Upon receipt of a malformed BGP flowspec update, RPD will crash resulting in a Denial of Service. This issue affects Juniper Networks Junos ... • https://supportportal.juniper.net/JSA70588 • CWE-130: Improper Handling of Length Parameter Inconsistency •
CVSS: 7.8EPSS: 0%CPEs: 102EXPL: 0CVE-2023-28965 – Junos OS: QFX10002: Failure of storm control feature may lead to Denial of Service
https://notcve.org/view.php?id=CVE-2023-28965
17 Apr 2023 — An Improper Check or Handling of Exceptional Conditions within the storm control feature of Juniper Networks Junos OS allows an attacker sending a high rate of traffic to cause a Denial of Service. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. Storm control monitors the level of applicable incoming traffic and compares it with the level specified. If the combined level of the applicable traffic exceeds the specified level, the switch drops packe... • https://supportportal.juniper.net/JSA70589 • CWE-703: Improper Check or Handling of Exceptional Conditions CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.5EPSS: 0%CPEs: 49EXPL: 0CVE-2023-28970 – Junos OS: JRR200: Kernel crash upon receipt of a specific packet
https://notcve.org/view.php?id=CVE-2023-28970
17 Apr 2023 — An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing on the network interfaces of Juniper Networks Junos OS on JRR200 route reflector appliances allows an adjacent, network-based attacker sending a specific packet to the device to cause a kernel crash, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue can only be triggered by an attacker on the local broadcast dom... • https://supportportal.juniper.net/JSA70594 • CWE-703: Improper Check or Handling of Exceptional Conditions CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.4EPSS: 0%CPEs: 122EXPL: 0CVE-2023-28974 – Junos OS: MX Series: In a BBE scenario upon receipt of specific malformed packets from subscribers the process bbe-smgd will crash
https://notcve.org/view.php?id=CVE-2023-28974
17 Apr 2023 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the bbe-smgd of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). In a Broadband Edge / Subscriber Management scenario on MX Series when a specifically malformed ICMP packet addressed to the device is received from a subscriber the bbe-smgd will crash, affecting the subscriber sessions that are connecting, updating, or terminating. Continued receipt of such packets will lead to a... • https://supportportal.juniper.net/JSA70599 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 4.9EPSS: 0%CPEs: 114EXPL: 0CVE-2023-28975 – Junos OS: The kernel will crash when certain USB devices are inserted
https://notcve.org/view.php?id=CVE-2023-28975
17 Apr 2023 — An Unexpected Status Code or Return Value vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated attacker with physical access to the device to cause a Denial of Service (DoS). When certain USB devices are connected to a USB port of the routing-engine (RE), the kernel will crash leading to a reboot of the device. The device will continue to crash as long as the USB device is connected. This issue affects Juniper Networks Junos OS: All versions prior to 19.4R3-S10; 20.2 versions p... • https://supportportal.juniper.net/JSA70600 • CWE-394: Unexpected Status Code or Return Value CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 170EXPL: 0CVE-2023-28976 – Junos OS: MX Series: If a specific traffic rate goes above the DDoS threshold it will lead to an FPC crash
https://notcve.org/view.php?id=CVE-2023-28976
17 Apr 2023 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). If specific traffic is received on MX Series and its rate exceeds the respective DDoS protection limit the ingress PFE will crash and restart. Continued receipt of this traffic will create a sustained DoS condition. This issue affects Juniper Networks Junos OS on MX Series: A... • https://supportportal.juniper.net/JSA70601 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 4.7EPSS: 0%CPEs: 118EXPL: 0CVE-2023-28979 – Junos OS: In a 6PE scenario upon receipt of a specific IPv6 packet an integrity check fails
https://notcve.org/view.php?id=CVE-2023-28979
17 Apr 2023 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to bypass an integrity check. In a 6PE scenario and if an additional integrity check is configured, it will fail to drop specific malformed IPv6 packets, and then these packets will be forwarded to other connected networks. This issue affects Juniper Networks Junos OS: All versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R3-S9; 20.2 versions prio... • https://supportportal.juniper.net/JSA70604 • CWE-754: Improper Check for Unusual or Exceptional Conditions •