CVSS: 7.4EPSS: 0%CPEs: 122EXPL: 0CVE-2023-28974 – Junos OS: MX Series: In a BBE scenario upon receipt of specific malformed packets from subscribers the process bbe-smgd will crash
https://notcve.org/view.php?id=CVE-2023-28974
17 Apr 2023 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the bbe-smgd of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). In a Broadband Edge / Subscriber Management scenario on MX Series when a specifically malformed ICMP packet addressed to the device is received from a subscriber the bbe-smgd will crash, affecting the subscriber sessions that are connecting, updating, or terminating. Continued receipt of such packets will lead to a... • https://supportportal.juniper.net/JSA70599 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.5EPSS: 0%CPEs: 83EXPL: 0CVE-2023-28981 – Junos OS and Junos OS Evolved: If malformed IPv6 router advertisements are received, memory corruption will occur which causes an rpd crash
https://notcve.org/view.php?id=CVE-2023-28981
17 Apr 2023 — An Improper Input Validation vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If the receipt of router advertisements is enabled on an interface and a specifically malformed RA packet is received, memory corruption will happen which leads to an rpd crash. This issue affects: Juniper Networks Junos OS 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S3; 21.1 versions prior to 21.1R3-S4... • https://supportportal.juniper.net/JSA70607 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 170EXPL: 0CVE-2023-28976 – Junos OS: MX Series: If a specific traffic rate goes above the DDoS threshold it will lead to an FPC crash
https://notcve.org/view.php?id=CVE-2023-28976
17 Apr 2023 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). If specific traffic is received on MX Series and its rate exceeds the respective DDoS protection limit the ingress PFE will crash and restart. Continued receipt of this traffic will create a sustained DoS condition. This issue affects Juniper Networks Junos OS on MX Series: A... • https://supportportal.juniper.net/JSA70601 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.5EPSS: 0%CPEs: 122EXPL: 0CVE-2023-28959 – Junos OS: QFX10002: PFE wedges and restarts upon receipt of specific malformed packets
https://notcve.org/view.php?id=CVE-2023-28959
17 Apr 2023 — An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on QFX10002 allows an unauthenticated, adjacent attacker on the local broadcast domain sending a malformed packet to the device, causing all PFEs other than the inbound PFE to wedge and to eventually restart, resulting in a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue can only be tri... • https://supportportal.juniper.net/JSA70584 • CWE-703: Improper Check or Handling of Exceptional Conditions •
CVSS: 5.3EPSS: 0%CPEs: 112EXPL: 0CVE-2023-28984 – Junos OS: QFX Series: The PFE may crash when a lot of MAC addresses are being learned and aged
https://notcve.org/view.php?id=CVE-2023-28984
17 Apr 2023 — A Use After Free vulnerability in the Layer 2 Address Learning Manager (l2alm) of Juniper Networks Junos OS on QFX Series allows an adjacent attacker to cause the Packet Forwarding Engine to crash and restart, leading to a Denial of Service (DoS). The PFE may crash when a lot of MAC learning and aging happens, but due to a Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization) that is outside the attackers direct control. This issue affects: Juniper Networks Junos OS versi... • https://supportportal.juniper.net/JSA70610 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 257EXPL: 0CVE-2023-28968 – Junos OS: SRX Series: Policies that rely on JDPI-Decoder actions may fail open
https://notcve.org/view.php?id=CVE-2023-28968
17 Apr 2023 — An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep Packet Inspection-Decoder (JDPI-Decoder) Application Signature component of Junos OS's AppID service on SRX Series devices will stop the JDPI-Decoder from identifying dynamic application traffic, allowing an unauthenticated network-based attacker to send traffic to the target device using the JDPI-Decoder, designed to inspect dynamic application traffic and take action upon this traffic, to instead begin to not ... • https://supportportal.juniper.net/JSA70592 • CWE-770: Allocation of Resources Without Limits or Throttling CWE-1325: Improperly Controlled Sequential Memory Allocation •
CVSS: 4.7EPSS: 0%CPEs: 118EXPL: 0CVE-2023-28979 – Junos OS: In a 6PE scenario upon receipt of a specific IPv6 packet an integrity check fails
https://notcve.org/view.php?id=CVE-2023-28979
17 Apr 2023 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to bypass an integrity check. In a 6PE scenario and if an additional integrity check is configured, it will fail to drop specific malformed IPv6 packets, and then these packets will be forwarded to other connected networks. This issue affects Juniper Networks Junos OS: All versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R3-S9; 20.2 versions prio... • https://supportportal.juniper.net/JSA70604 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 176EXPL: 0CVE-2023-28964 – Junos OS and Junos OS Evolved: Malformed BGP flowspec update causes RPD crash
https://notcve.org/view.php?id=CVE-2023-28964
17 Apr 2023 — An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network based, unauthenticated attacker to cause an RPD crash leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Upon receipt of a malformed BGP flowspec update, RPD will crash resulting in a Denial of Service. This issue affects Juniper Networks Junos ... • https://supportportal.juniper.net/JSA70588 • CWE-130: Improper Handling of Length Parameter Inconsistency •
CVSS: 7.2EPSS: 0%CPEs: 152EXPL: 0CVE-2023-28972 – Junos OS: NFX Series: 'set system ports console insecure' allows root password recovery
https://notcve.org/view.php?id=CVE-2023-28972
17 Apr 2023 — An Improper Link Resolution Before File Access vulnerability in console port access of Juniper Networks Junos OS on NFX Series allows an attacker to bypass console access controls. When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as expected. However, the root password can be changed using "set system root-authentication plain-text-password" on NFX Series systems, leading to a possible administrative bypass with physical access to the console. Password recovery, cha... • https://supportportal.juniper.net/JSA70596 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.5EPSS: 0%CPEs: 127EXPL: 0CVE-2023-1697 – Junos OS: QFX10000 Series, PTX1000 Series: The dcpfe process will crash when a malformed ethernet frame is received
https://notcve.org/view.php?id=CVE-2023-1697
17 Apr 2023 — An Improper Handling of Missing Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a dcpfe process core and thereby a Denial of Service (DoS). Continued receipt of these specific frames will cause a sustained Denial of Service condition. This issue occurs when a specific malformed ethernet frame is received. This issue affects Juniper Networks Junos OS on QFX10000 Series, PTX1000 Series Series: All versions prior to 1... • https://supportportal.juniper.net/JSA70612 • CWE-230: Improper Handling of Missing Values •