CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-21605 – Junos OS: SRX 300 Series: Specific link local traffic causes a control plane overload
https://notcve.org/view.php?id=CVE-2024-21605
12 Apr 2024 — An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). Specific valid link-local traffic is not blocked on ports in STP blocked state but is instead sent to the control plane of the device. This leads to excessive resource consumption and in turn severe impact on all control and management protocols of the device. This issue affects Juniper Netw... • https://supportportal.juniper.net/JSA75746 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 8.7EPSS: 0%CPEs: 20EXPL: 0CVE-2024-21598 – Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash
https://notcve.org/view.php?id=CVE-2024-21598
12 Apr 2024 — An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). If a BGP update is received over an established BGP session which contains a tunnel encapsulation attribute with a specifically malformed TLV, rpd will crash and restart. This issue affects Juniper Networks Junos OS: * 20.4 versions 20.4R1 and later versions earlier th... • http://supportportal.juniper.net/JSA75739 • CWE-1286: Improper Validation of Syntactic Correctness of Input •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-21593 – Junos OS: MX Series with MPC10, MPC11, LC9600, and MX304: A specific MPLS packet will cause a PFE crash
https://notcve.org/view.php?id=CVE-2024-21593
12 Apr 2024 — An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If an attacker sends a specific MPLS packet, which upon processing, causes an internal loop, that leads to a PFE crash and restart. Continued receipt of these packets leads to a sustained Denial of Service (DoS) condition. Circuit cross-connect (CCC) needs to be configured... • https://supportportal.juniper.net/JSA75732 • CWE-703: Improper Check or Handling of Exceptional Conditions •