Page 62 of 491 results (0.005 seconds)

CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0

On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE). In a virtual chassis (VC) deployment, this issue disrupts communication between the VC members. This issue does not affect other Junos platforms. Affected releases are Junos OS on EX2300 and EX3400 series: 15.1X53 versions prior to 15.1X53-D590; 18.1 versions prior to 18.1R2-S2, 18.1R3; 18.2 versions prior to 18.2R2. En las series EX2300 y EX3400, las operaciones high disk I/O podrían interrumpir las comunicaciones entre el motor de enrutamiento (RE) y el motor de reenvío de paquetes (PFE). • http://www.securityfocus.com/bid/106548 https://kb.juniper.net/JSA10909 •

CVSS: 9.8EPSS: 0%CPEs: 20EXPL: 0

On EX2300 and EX3400 series, stateless firewall filter configuration that uses the action 'policer' in combination with other actions might not take effect. When this issue occurs, the output of the command: show pfe filter hw summary will not show the entry for: RACL group Affected releases are Junos OS on EX2300 and EX3400 series: 15.1X53 versions prior to 15.1X53-D590; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2. This issue affect both IPv4 and IPv6 firewall filter. En las series EX2300 y EX3400, la configuración sin estado del filtro del firewall que emplea la acción "policer" junto con otras acciones podría no aplicarse. Cuando este problema ocurre, el resultado del comando show pfe filter hw summary no mostrará la entrada para: RACL group. • http://www.securityfocus.com/bid/106669 https://kb.juniper.net/JSA10901 https://www.juniper.net/documentation/en_US/junos/topics/reference/command-summary/show-pfe-filter.html • CWE-794: Incomplete Filtering of Multiple Instances of Special Elements •

CVSS: 7.5EPSS: 0%CPEs: 164EXPL: 0

When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, a reachable assertion failure occurs, causing the routing protocol daemon (rpd) process to crash with a core file being generated. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D70 on SRX Series; 14.1X53 versions prior to 14.1X53-D47 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 15.1 versions prior to 15.1R3; 15.1F versions prior to 15.1F3; 15.1X49 versions prior to 15.1X49-D140 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400. Cuando una configuración BGP flowspec específica está habilitada y se recibe un paquete BGP coincidente determinado que coincide con un término específico en la configuración de flowspec, ocurre un fallo de aserción alcanzable que provoca que el proceso rpd (routing protocol daemon) se cierre inesperadamente y se genere un archivo core. Las versiones afectadas son Juniper Networks Junos OS: 12.1X46 en versiones anteriores a la 12.1X46-D77 en la serie SRX; 12.3 en versiones anteriores a la 12.3R12-S10; 12.3X48 en versiones anteriores a la 12.3X48-D70 en la serie SRX; 14.1X53 en versiones anteriores a la 14.1X53-D47 en EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 15.1 en versiones anteriores a la 15.1R3; 15.1F en versiones anteriores a la 15.1F3; 15.1X49 en versiones anteriores a la 15.1X49-D140 en la serie SRX y 15.1X53 en versiones anteriores a la 15.1X53-D59 en EX2300/EX3400. • http://www.securityfocus.com/bid/106544 https://kb.juniper.net/JSA10902 • CWE-617: Reachable Assertion •

CVSS: 5.3EPSS: 0%CPEs: 198EXPL: 0

On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS on EX and QFX series;: 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R7; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 series; 15.1X53 versions prior to 15.1X53-D591 on EX2300/EX3400 series; 16.1 versions prior to 16.1R7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R2. En las series EX2300, EX3400, EX4600, QFX3K y QFX5K, la configuración del filtro del firewall no puede realizar la concordancia de paquetes en ninguna cabecera de extensión IPv6. • http://www.securityfocus.com/bid/106665 https://kb.juniper.net/JSA10905 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 9.8EPSS: 7%CPEs: 86EXPL: 0

A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms. Cierto paquete HTTP manipulado puede desencadenar una vulnerabilidad de desreferencia de puntero de función no inicializada en el gestor Packet Forwarding Engine (fxpc) en todos los dispositivos de las series EX, QFX y MX en una configuración de Virtual Chassis. • http://www.securityfocus.com/bid/106666 https://kb.juniper.net/JSA10906 • CWE-908: Use of Uninitialized Resource •