CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-47505 – Junos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a resource leak #1
https://notcve.org/view.php?id=CVE-2024-47505
11 Oct 2024 — An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. An Allocation of Resources ... • https://supportportal.juniper.net • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.7EPSS: 0%CPEs: 7EXPL: 0CVE-2024-47504 – Junos OS: SRX5000 Series: Receipt of a specific malformed packet will cause a flowd crash
https://notcve.org/view.php?id=CVE-2024-47504
11 Oct 2024 — An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine (pfe) Juniper Networks Junos OS on SRX5000 Series allows an unauthenticated, network based attacker to cause a Denial of Service (Dos). When a non-clustered SRX5000 device receives a specifically malformed packet this will cause a flowd crash and restart. • https://supportportal.juniper.net/JSA88134 • CWE-1287: Improper Validation of Specified Type of Input •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-47503 – Junos OS: SRX4600 and SRX5000 Series: Sequence of specific PIM packets causes a flowd crash
https://notcve.org/view.php?id=CVE-2024-47503
11 Oct 2024 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an unauthenticated and logically adjacent attacker to cause a Denial-of-Service (DoS). An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an unauthenticated and logically adjacent attacke... • https://supportportal.juniper.net/JSA88133 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 8.7EPSS: 0%CPEs: 5EXPL: 0CVE-2024-47502 – Junos OS Evolved: TCP session state is not always cleared on the Routing Engine leading to DoS
https://notcve.org/view.php?id=CVE-2024-47502
11 Oct 2024 — An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). In specific cases the state ... • https://supportportal.juniper.net/JSA88132 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-47501 – Junos OS: MX304, MX with MPC10/11/LC9600, and EX9200 with EX9200-15C: In a VPLS or Junos Fusion scenario specific show commands cause FPCs to crash
https://notcve.org/view.php?id=CVE-2024-47501
11 Oct 2024 — A NULL Pointer Dereference vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX304, MX with MPC10/11/LC9600, and EX9200 with EX9200-15C allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). A NULL Pointer Dereference vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX304, MX with MPC10/11/LC9600, and EX9200 with EX9200-15C allows a locally authenticated attacker with low... • https://supportportal.juniper.net/JSA88131 • CWE-476: NULL Pointer Dereference •
CVSS: 8.7EPSS: 0%CPEs: 16EXPL: 0CVE-2024-47499 – Junos OS and Junos OS Evolved: In a BMP scenario receipt of a malformed AS PATH attribute can cause an RPD crash
https://notcve.org/view.php?id=CVE-2024-47499
11 Oct 2024 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). In a scenario where BGP Monitoring Protocol (BMP) is configured with rib-in pre-policy monitoring, receiving a BGP update with a specifically malformed AS PATH attribute over an established BGP session, can cause an RPD crash a... • https://supportportal.juniper.net/JSA88129 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-47498 – Junos OS Evolved: QFX5000 Series: Configured MAC learning and move limits are not in effect
https://notcve.org/view.php?id=CVE-2024-47498
11 Oct 2024 — An Unimplemented or Unsupported Feature in UI vulnerability in the CLI of Juniper Networks Junos OS Evolved on QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). Several configuration statements meant to enforce limits on MAC learning and moves can be configured but do not take effect. • https://supportportal.juniper.net/JSA88128 •
CVSS: 8.7EPSS: 0%CPEs: 7EXPL: 0CVE-2024-47497 – Junos OS: SRX Series, QFX Series, MX Series and EX Series: Receiving specific HTTPS traffic causes resource exhaustion
https://notcve.org/view.php?id=CVE-2024-47497
11 Oct 2024 — An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based attacker to cause Denial-of-Service (DoS). An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based attacker to cause Denial-of-<... • https://supportportal.juniper.net • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-47496 – Junos OS: MX Series: The PFE will crash on running specific command
https://notcve.org/view.php?id=CVE-2024-47496
11 Oct 2024 — A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific command is executed, the pfe crashes. ... Repeated executi... • https://supportportal.juniper.net • CWE-476: NULL Pointer Dereference •
CVSS: 8.2EPSS: 0%CPEs: 6EXPL: 0CVE-2024-47494 – Junos OS: Due to a race condition AgentD process causes a memory corruption and FPC reset
https://notcve.org/view.php?id=CVE-2024-47494
11 Oct 2024 — This reaping attempt then leads to memory corruption causing the FPC to crash which is a Denial of Service (DoS). This reaping attempt then leads to memory corruption causing the FPC to crash which is a Denial of Service (DoS). The FPC will recover automatically without user intervention after the crash. The FPC will recover automatically without user intervention after the crash. • https://supportportal.juniper.net/JSA88121 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •