CVSS: 6.5EPSS: 0%CPEs: 80EXPL: 0CVE-2023-44196 – Junos OS Evolved: PTX10003 Series: Packets which are not destined to the router can reach the RE
https://notcve.org/view.php?id=CVE-2023-44196
An Improper Check for Unusual or Exceptional Conditions in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS Evolved on PTX10003 Series allows an unauthenticated adjacent attacker to cause an impact to the integrity of the system. When specific transit MPLS packets are received by the PFE, these packets are internally forwarded to the RE. This issue is a prerequisite for CVE-2023-44195. This issue affects Juniper Networks Junos OS Evolved: * All versions prior to 20.4R3-S8-EVO; * 21.1-EVO version 21.1R1-EVO and later; * 21.2-EVO versions prior to 21.2R3-S6-EVO; * 21.3-EVO version 21.3R1-EVO and later; * 21.4-EVO versions prior to 21.4R3-S3-EVO; * 22.1-EVO versions prior to 22.1R3-S4-EVO; * 22.2-EVO versions prior to 22.2R3-S3-EVO; * 22.3-EVO versions prior to 22.3R2-S2-EVO, 22.3R3-EVO; * 22.4-EVO versions prior to 22.4R2-EVO. Una Verificación Inadecuada de Condiciones Inusuales o Excepcionales en Packet Forwarding Engine (pfe) de Juniper Networks Junos OS Evolved en la serie PTX10003 permite que un atacante adyacente no autenticado cause un impacto en la integridad del sistema. Cuando el PFE recibe paquetes MPLS de tránsito específicos, estos paquetes se reenvían internamente al RE. Este problema es un requisito previo para CVE-2023-44195. • https://supportportal.juniper.net/JSA73162 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 5.4EPSS: 0%CPEs: 39EXPL: 0CVE-2023-44195 – Junos OS Evolved: Packets which are not destined to the router can reach the RE
https://notcve.org/view.php?id=CVE-2023-44195
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the NetworkStack agent daemon (nsagentd) of Juniper Networks Junos OS Evolved allows an unauthenticated network based attacker to cause limited impact to the availability of the system. If specific packets reach the Routing-Engine (RE) these will be processed normally even if firewall filters are in place which should have prevented this. This can lead to a limited, increased consumption of resources resulting in a Denial-of-Service (DoS), and unauthorized access. CVE-2023-44196 is a prerequisite for this issue. This issue affects Juniper Networks Junos OS Evolved: * 21.3-EVO versions prior to 21.3R3-S5-EVO; * 21.4-EVO versions prior to 21.4R3-S4-EVO; * 22.1-EVO version 22.1R1-EVO and later; * 22.2-EVO version 22.2R1-EVO and later; * 22.3-EVO versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; * 22.4-EVO versions prior to 22.4R3-EVO. This issue doesn't not affected Junos OS Evolved versions prior to 21.3R1-EVO. Una vulnerabilidad de Restricción Inadecuada del Canal de Comunicación a los Endpoints Previstos en el daemon del agente NetworkStack (nsagentd) de Juniper Networks Junos OS Evolved permite que un atacante basado en red no autenticado cause un impacto limitado en la disponibilidad del sistema. Si paquetes específicos llegan al Routing-Engine (RE), se procesarán normalmente incluso si existen filtros de firewall que deberían haberlo impedido. Esto puede provocar un consumo mayor y limitado de recursos, lo que resulta en una Denegación de Servicio (DoS) y un acceso no autorizado. • https://supportportal.juniper.net/JSA73160 • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •
CVSS: 8.4EPSS: 0%CPEs: 50EXPL: 0CVE-2023-44194 – Junos OS: An unauthenticated attacker with local access to the device can create a backdoor with root privileges
https://notcve.org/view.php?id=CVE-2023-44194
An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS allows an unauthenticated attacker with local access to the device to create a backdoor with root privileges. The issue is caused by improper directory permissions on a certain system directory, allowing an attacker with access to this directory to create a backdoor with root privileges. This issue affects Juniper Networks Junos OS: * All versions prior to 20.4R3-S5; * 21.1 versions prior to 21.1R3-S4; * 21.2 versions prior to 21.2R3-S4; * 21.3 versions prior to 21.3R3-S3; * 21.4 versions prior to 21.4R3-S1. Una vulnerabilidad de permisos predeterminados incorrectos en Juniper Networks Junos OS permite que un atacante no autenticado con acceso local al dispositivo cree un backdoor con privilegios de root. El problema se debe a permisos de directorio inadecuados en un determinado directorio del sistema, lo que permite a un atacante con acceso a este directorio crear un backdoor con privilegios de root. Este problema afecta a Juniper Networks Junos OS: * Todas las versiones anteriores a 20.4R3-S5; * Versiones 21.1 anteriores a 21.1R3-S4; * Versiones 21.2 anteriores a 21.2R3-S4; * Versiones 21.3 anteriores a 21.3R3-S3; * Versiones 21.4 anteriores a 21.4R3-S1. • https://supportportal.juniper.net/JSA73158 • CWE-276: Incorrect Default Permissions •
CVSS: 5.5EPSS: 0%CPEs: 81EXPL: 0CVE-2023-44193 – Junos OS: MX Series: An FPC crash is observed when CFM is enabled in a VPLS scenario and a specific LDP related command is run
https://notcve.org/view.php?id=CVE-2023-44193
An Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a local, low privileged attacker to cause an FPC crash, leading to Denial of Service (DoS). On all Junos MX Series with MPC1 - MPC9, LC480, LC2101, MX10003, and MX80, when Connectivity-Fault-Management (CFM) is enabled in a VPLS scenario, and a specific LDP related command is run, an FPC will crash and reboot. Continued execution of this specific LDP command can lead to sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS on MX Series: * All versions prior to 20.4R3-S7; * 21.1 versions prior to 21.1R3-S5; * 21.2 versions prior to 21.2R3-S4; * 21.3 versions prior to 21.3R3-S4; * 21.4 versions prior to 21.4R3-S3; * 22.1 versions prior to 22.1R3-S1; * 22.2 versions prior to 22.2R2-S1, 22.2R3; * 22.3 versions prior to 22.3R1-S2, 22.3R2. Una vulnerabilidad de liberación inadecuada de memoria antes de eliminar la última referencia en Packet Forwarding Engine (PFE) de Juniper Networks Junos OS permite que un atacante local con pocos privilegios provoque una falla del FPC, lo que lleva a una Denegación de Servicio (DoS). En todas las series Junos MX con MPC1 - MPC9, LC480, LC2101, MX10003 y MX80, cuando Connectivity-Fault-Management (CFM) está habilitada en un escenario VPLS y se ejecuta un comando relacionado con LDP específico, un FPC fallará y se reiniciará. La ejecución continua de este comando LDP específico puede provocar una condición sostenida de Denegación de Servicio. • https://supportportal.juniper.net/JSA73157 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 86EXPL: 0CVE-2023-44192 – Junos OS: QFX5000 Series: DMA memory leak is observed when specific DHCP packets are transmitted over pseudo-VTEP
https://notcve.org/view.php?id=CVE-2023-44192
An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause memory leak, leading to Denial of Service (DoS). On all Junos OS QFX5000 Series platforms, when pseudo-VTEP (Virtual Tunnel End Point) is configured under EVPN-VXLAN scenario, and specific DHCP packets are transmitted, DMA memory leak is observed. Continuous receipt of these specific DHCP packets will cause memory leak to reach 99% and then cause the protocols to stop working and traffic is impacted, leading to Denial of Service (DoS) condition. A manual reboot of the system recovers from the memory leak. To confirm the memory leak, monitor for "sheaf:possible leak" and "vtep not found" messages in the logs. This issue affects: Juniper Networks Junos OS QFX5000 Series: * All versions prior to 20.4R3-S6; * 21.1 versions prior to 21.1R3-S5; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S4; * 21.4 versions prior to 21.4R3-S3; * 22.1 versions prior to 22.1R3-S2; * 22.2 versions prior to 22.2R2-S2, 22.2R3; * 22.3 versions prior to 22.3R2-S1, 22.3R3; * 22.4 versions prior to 22.4R1-S2, 22.4R2. Una vulnerabilidad de validación de entrada incorrecta en Packet Forwarding Engine (PFE) de Juniper Networks Junos OS permite que un atacante basado en red no autenticado cause una pérdida de memoria, lo que lleva a una Denegación de Servicio (DoS). En todas las plataformas de la serie Junos OS QFX5000, cuando se configura pseudo-VTEP (Virtual Tunnel End Point) en el escenario EVPN-VXLAN y se transmiten paquetes DHCP específicos, se observa una pérdida de memoria DMA. • https://supportportal.juniper.net/JSA73156 • CWE-20: Improper Input Validation CWE-401: Missing Release of Memory after Effective Lifetime •