CVSS: 5.5EPSS: 0%CPEs: 204EXPL: 0CVE-2023-36840 – Junos OS and Junos OS Evolved: An rpd crash occurs when a specific L2VPN command is run
https://notcve.org/view.php?id=CVE-2023-36840
14 Jul 2023 — A Reachable Assertion vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a locally-based, low-privileged attacker to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved, when a specific L2VPN command is run, RPD will crash and restart. Continued execution of this specific command will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS All versions prior to 19.3R3-S10; 20.1 versions prior t... • https://supportportal.juniper.net/JSA71647 • CWE-617: Reachable Assertion •
CVSS: 4.7EPSS: 0%CPEs: 173EXPL: 0CVE-2023-36836 – Junos OS and Junos OS Evolved: In a MoFRR scenario an rpd core may be observed when a low privileged CLI command is executed
https://notcve.org/view.php?id=CVE-2023-36836
14 Jul 2023 — A Use of an Uninitialized Resource vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, in a Multicast only Fast Reroute (MoFRR) scenario, the rpd process can crash when a a specific low privileged CLI command is executed. The rpd crash will impact all routing protocols until the process has automatically been restarted... • https://supportportal.juniper.net/JSA71643 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 80EXPL: 0CVE-2023-36835 – Junos OS: QFX10000 Series: All traffic will be dropped after a specific valid IP packet has been received which needs to be routed over a VXLAN tunnel
https://notcve.org/view.php?id=CVE-2023-36835
14 Jul 2023 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX10000 Series allows a network based attacker to cause a Denial of Service (DoS). If a specific valid IP packet is received and that packet needs to be routed over a VXLAN tunnel, this will result in a PFE wedge condition due to which traffic gets impacted. As this is not a crash and restart scenario, this condition will persist until the system is rebooted to recover... • https://supportportal.juniper.net/JSA71642 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.5EPSS: 0%CPEs: 61EXPL: 0CVE-2023-36833 – Junos OS Evolved: PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202: The aftman-bt process will crash in a MoFRR scenario after multiple link flaps
https://notcve.org/view.php?id=CVE-2023-36833
14 Jul 2023 — A Use After Free vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS Evolved on PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202 allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). The process 'aftman-bt' will crash after multiple flaps on a multicast-only fast reroute (MoFRR) enabled interface. This will cause the respective FPC to stop forwarding traffic and it needs to be rebooted to restore the service. An indication that the syst... • https://supportportal.juniper.net/JSA71640 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 131EXPL: 0CVE-2023-36838 – Junos OS: SRX Series: A flowd core occurs when running a low privileged CLI command
https://notcve.org/view.php?id=CVE-2023-36838
14 Jul 2023 — An Out-of-bounds Read vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a local, authenticated attacker with low privileges, to cause a Denial of Service (DoS). If a low privileged user executes a specific CLI command, flowd which is responsible for traffic forwarding in SRX crashes and generates a core dump. This will cause temporary traffic interruption until the flowd process is restarted automatically. Continued execution of this command will lead to a... • https://supportportal.juniper.net/JSA71645 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 198EXPL: 0CVE-2023-36832 – Junos OS: MX Series: PFE crash upon receipt of specific packet destined to an AMS interface
https://notcve.org/view.php?id=CVE-2023-36832
14 Jul 2023 — An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on MX Series allows an unauthenticated network-based attacker to send specific packets to an Aggregated Multiservices (AMS) interface on the device, causing the packet forwarding engine (PFE) to crash, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue is only triggered by packets destined to ... • https://supportportal.juniper.net/JSA71639 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 176EXPL: 0CVE-2023-0026 – 2023-06: Out-of-Cycle Security Bulletin: Junos OS and Junos OS Evolved: A BGP session will flap upon receipt of a specific, optional transitive attribute
https://notcve.org/view.php?id=CVE-2023-0026
21 Jun 2023 — An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a BGP update message is received over an established BGP session, and that message contains a specific, optional transitive attribute, this session will be torn down with an update message error. This issue cannot propagate beyond an affected system as the processing error occurs as soon as... • https://supportportal.juniper.net/JSA71542 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 127EXPL: 0CVE-2023-1697 – Junos OS: QFX10000 Series, PTX1000 Series: The dcpfe process will crash when a malformed ethernet frame is received
https://notcve.org/view.php?id=CVE-2023-1697
17 Apr 2023 — An Improper Handling of Missing Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a dcpfe process core and thereby a Denial of Service (DoS). Continued receipt of these specific frames will cause a sustained Denial of Service condition. This issue occurs when a specific malformed ethernet frame is received. This issue affects Juniper Networks Junos OS on QFX10000 Series, PTX1000 Series Series: All versions prior to 1... • https://supportportal.juniper.net/JSA70612 • CWE-230: Improper Handling of Missing Values •
CVSS: 6.5EPSS: 0%CPEs: 122EXPL: 0CVE-2023-28959 – Junos OS: QFX10002: PFE wedges and restarts upon receipt of specific malformed packets
https://notcve.org/view.php?id=CVE-2023-28959
17 Apr 2023 — An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on QFX10002 allows an unauthenticated, adjacent attacker on the local broadcast domain sending a malformed packet to the device, causing all PFEs other than the inbound PFE to wedge and to eventually restart, resulting in a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue can only be tri... • https://supportportal.juniper.net/JSA70584 • CWE-703: Improper Check or Handling of Exceptional Conditions •
CVSS: 5.8EPSS: 0%CPEs: 83EXPL: 0CVE-2023-28961 – Junos OS: ACX Series: IPv6 firewall filter is not installed in PFE when "from next-header ah" is used
https://notcve.org/view.php?id=CVE-2023-28961
17 Apr 2023 — An Improper Handling of Unexpected Data Type vulnerability in IPv6 firewall filter processing of Juniper Networks Junos OS on the ACX Series devices will prevent a firewall filter with the term 'from next-header ah' from being properly installed in the packet forwarding engine (PFE). There is no immediate indication of an incomplete firewall filter commit shown at the CLI, which could allow an attacker to send valid packets to or through the device that were explicitly intended to be dropped. An indication ... • https://supportportal.juniper.net/JSA70586 • CWE-241: Improper Handling of Unexpected Data Type •