CVSS: 5.4EPSS: 0%CPEs: 39EXPL: 0CVE-2023-44195 – Junos OS Evolved: Packets which are not destined to the router can reach the RE
https://notcve.org/view.php?id=CVE-2023-44195
12 Oct 2023 — An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the NetworkStack agent daemon (nsagentd) of Juniper Networks Junos OS Evolved allows an unauthenticated network based attacker to cause limited impact to the availability of the system. If specific packets reach the Routing-Engine (RE) these will be processed normally even if firewall filters are in place which should have prevented this. This can lead to a limited, increased consumption of resources resulting in a Denia... • https://supportportal.juniper.net/JSA73160 • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •
CVSS: 6.8EPSS: 0%CPEs: 109EXPL: 0CVE-2023-44184 – Junos OS and Junos OS Evolved: High CPU load due to specific NETCONF command
https://notcve.org/view.php?id=CVE-2023-44184
12 Oct 2023 — An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated low-privileged attacker, by executing a specific command via NETCONF, to cause a CPU Denial of Service to the device's control plane. This issue affects: Juniper Networks Junos OS * All versions prior to 20.4R3-S7; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S5; * 21.4 ver... • https://supportportal.juniper.net/JSA73147 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 151EXPL: 0CVE-2023-44178 – Junos OS : Stack overflow vulnerability in CLI command processing
https://notcve.org/view.php?id=CVE-2023-44178
12 Oct 2023 — A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS * All versions prior to 19.1R3-S10; * 19.2 versions prior to 19.2R3-S7; * 19.3 versions prior to 19.3R3-S8; * 19.4 versions prior to 19.4R3-S12; * 20.2 versions prior to 20.2R3-S8; * 2... • https://supportportal.juniper.net/JSA73140 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 150EXPL: 0CVE-2023-44176 – Junos OS : Stack overflow vulnerability in CLI command processing
https://notcve.org/view.php?id=CVE-2023-44176
12 Oct 2023 — A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.3 versions prior to 22.3R3; * 22.4 ... • https://supportportal.juniper.net/JSA73140 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 151EXPL: 0CVE-2023-44177 – Junos OS and Junos OS Evolved: Stack overflow vulnerability in CLI command processing
https://notcve.org/view.php?id=CVE-2023-44177
12 Oct 2023 — A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions prior to 19.1R3-S10; * 19.2 versions prior to 19.2R3-S7; * 19.3 versions prior to 19.3R3-S8; * 19.4 versions prior to 19.4R3-S12; * 20.2 versions prior to 20... • https://supportportal.juniper.net/JSA73140 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 85EXPL: 0CVE-2023-44175 – Junos OS and Junos OS Evolved: Receipt of a specific genuine PIM packet causes RPD crash
https://notcve.org/view.php?id=CVE-2023-44175
12 Oct 2023 — A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Note: This issue is not noticed when all the devices in the network are Juniper devices. This issue affects Juniper Networks: Junos OS: * All versions prior to 20.... • https://supportportal.juniper.net/JSA73141 • CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 155EXPL: 0CVE-2023-36839 – Junos OS and Junos OS Evolved: An l2cpd crash will occur when specific LLDP packets are received
https://notcve.org/view.php?id=CVE-2023-36839
12 Oct 2023 — An Improper Validation of Specified Quantity in Input vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker who sends specific LLDP packets to cause a Denial of Service(DoS). This issue occurs when specific LLDP packets are received and telemetry polling is being done on the device. The impact of the l2cpd crash is reinitialization of STP protocols (RSTP, MSTP or VSTP), and MVRP and ERP. Also, if any servic... • https://supportportal.juniper.net/JSA73171 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 6.1EPSS: 0%CPEs: 44EXPL: 0CVE-2023-44190 – Junos OS Evolved: PTX10001, PTX10004, PTX10008, PTX10016: MAC address validation bypass vulnerability
https://notcve.org/view.php?id=CVE-2023-44190
11 Oct 2023 — An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016 devices allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to this issue, the router will start forwarding traffic if a valid route is present in forwarding-table, causing a loop and congestion in the downstream layer-2 domain connected to the... • https://supportportal.juniper.net/JSA73154 • CWE-346: Origin Validation Error •
CVSS: 6.1EPSS: 0%CPEs: 42EXPL: 0CVE-2023-44189 – Junos OS Evolved: PTX10003 Series: MAC address validation bypass vulnerability
https://notcve.org/view.php?id=CVE-2023-44189
11 Oct 2023 — An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10003 Series allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to this issue, the router will start forwarding traffic if a valid route is present in forwarding-table, causing a loop and congestion in the downstream layer-2 domain connected to the device. This issue affects Juniper... • https://supportportal.juniper.net/JSA73153 • CWE-346: Origin Validation Error •
CVSS: 7.8EPSS: 0%CPEs: 183EXPL: 0CVE-2023-44186 – Junos OS and Junos OS Evolved: RPD crash when attempting to send a very long AS PATH to a non-4-byte-AS capable BGP neighbor
https://notcve.org/view.php?id=CVE-2023-44186
11 Oct 2023 — An Improper Handling of Exceptional Conditions vulnerability in AS PATH processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a BGP update message with an AS PATH containing a large number of 4-byte ASes, leading to a Denial of Service (DoS). Continued receipt and processing of these BGP updates will create a sustained Denial of Service (DoS) condition. This issue is hit when the router has Non-Stop Routing (NSR) enabled, has a non-4-byte-AS capable BGP neighbor, receives a... • https://supportportal.juniper.net/JSA73150 • CWE-755: Improper Handling of Exceptional Conditions •