CVSS: 8.7EPSS: 0%CPEs: 7EXPL: 0CVE-2024-30405 – Junos OS: SRX 5000 Series with SPC2: Processing of specific crafted packets when ALG is enabled causes a transit traffic Denial of Service
https://notcve.org/view.php?id=CVE-2024-30405
12 Apr 2024 — An Incorrect Calculation of Buffer Size vulnerability in Juniper Networks Junos OS SRX 5000 Series devices using SPC2 line cards while ALGs are enabled allows an attacker sending specific crafted packets to cause a transit traffic Denial of Service (DoS). Continued receipt and processing of these specific packets will sustain the Denial of Service condition. This issue affects: Juniper Networks Junos OS SRX 5000 Series with SPC2 with ALGs enabled. * All versions earlier than 21.2R3-S7; * 21.4 versions earli... • https://supportportal.juniper.net/JSA79105 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2024-21618 – Junos OS and Junos OS Evolved: When LLDP is enabled and a malformed LLDP packet is received, l2cpd crashes
https://notcve.org/view.php?id=CVE-2024-21618
12 Apr 2024 — An Access of Memory Location After End of Buffer vulnerability in the Layer-2 Control Protocols Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when LLDP is enabled on a specific interface, and a malformed LLDP packet is received, l2cpd crashes and restarts. The impact of the l2cpd crash is reinitialization of STP protocols (RSTP, MSTP or VSTP), and MVRP and ERP. Al... • https://supportportal.juniper.net/JSA75759 • CWE-788: Access of Memory Location After End of Buffer •
CVSS: 5.1EPSS: 0%CPEs: 15EXPL: 0CVE-2024-21615 – Junos OS and Junos OS Evolved: A low-privileged user can access confidential information
https://notcve.org/view.php?id=CVE-2024-21615
12 Apr 2024 — An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to access confidential information on the system. On all Junos OS and Junos OS Evolved platforms, when NETCONF traceoptions are configured, and a super-user performs specific actions via NETCONF, then a low-privileged user can access sensitive information compromising the confidentiality of the system. This issue affects: Junos OS: * all versions before 21.2R3-S7, * from 2... • https://supportportal.juniper.net/JSA75756 • CWE-276: Incorrect Default Permissions •
CVSS: 5.3EPSS: 0%CPEs: 10EXPL: 0CVE-2024-21610 – Junos OS: MX Series: In a scaled subscriber scenario if CoS information is gathered mgd processes gets stuck
https://notcve.org/view.php?id=CVE-2024-21610
12 Apr 2024 — An Improper Handling of Exceptional Conditions vulnerability in the Class of Service daemon (cosd) of Juniper Networks Junos OS on MX Series allows an authenticated, network-based attacker with low privileges to cause a limited Denial of Service (DoS). In a scaled subscriber scenario when specific low privileged commands, received over NETCONF, SSH or telnet, are handled by cosd on behalf of mgd, the respective child management daemon (mgd) processes will get stuck. In case of (Netconf over) SSH this leads ... • http://supportportal.juniper.net/JSA75751 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2024-21609 – Junos OS: MX Series with SPC3, and SRX Series: If specific IPsec parameters are negotiated iked will crash due to a memory leak
https://notcve.org/view.php?id=CVE-2024-21609
12 Apr 2024 — A Missing Release of Memory after Effective Lifetime vulnerability in the IKE daemon (iked) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an administratively adjacent attacker which is able to successfully establish IPsec tunnels to cause a Denial of Service (DoS). If specific values for the IPsec parameters local-ip, remote-ip, remote ike-id, and traffic selectors are sent from the peer, a memory leak occurs during every IPsec SA rekey which is carried out with a specific messa... • http://supportportal.juniper.net/JSA75750 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-21605 – Junos OS: SRX 300 Series: Specific link local traffic causes a control plane overload
https://notcve.org/view.php?id=CVE-2024-21605
12 Apr 2024 — An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). Specific valid link-local traffic is not blocked on ports in STP blocked state but is instead sent to the control plane of the device. This leads to excessive resource consumption and in turn severe impact on all control and management protocols of the device. This issue affects Juniper Netw... • https://supportportal.juniper.net/JSA75746 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 8.7EPSS: 0%CPEs: 20EXPL: 0CVE-2024-21598 – Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash
https://notcve.org/view.php?id=CVE-2024-21598
12 Apr 2024 — An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). If a BGP update is received over an established BGP session which contains a tunnel encapsulation attribute with a specifically malformed TLV, rpd will crash and restart. This issue affects Juniper Networks Junos OS: * 20.4 versions 20.4R1 and later versions earlier th... • http://supportportal.juniper.net/JSA75739 • CWE-1286: Improper Validation of Syntactic Correctness of Input •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-21593 – Junos OS: MX Series with MPC10, MPC11, LC9600, and MX304: A specific MPLS packet will cause a PFE crash
https://notcve.org/view.php?id=CVE-2024-21593
12 Apr 2024 — An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If an attacker sends a specific MPLS packet, which upon processing, causes an internal loop, that leads to a PFE crash and restart. Continued receipt of these packets leads to a sustained Denial of Service (DoS) condition. Circuit cross-connect (CCC) needs to be configured... • https://supportportal.juniper.net/JSA75732 • CWE-703: Improper Check or Handling of Exceptional Conditions •