CVSS: 5.9EPSS: 0%CPEs: 131EXPL: 0CVE-2022-22208 – Junos OS and Junos OS Evolved: An rpd crash can occur due to memory corruption caused by flapping BGP sessions
https://notcve.org/view.php?id=CVE-2022-22208
18 Oct 2022 — A Use After Free vulnerability in the Routing Protocol Daemon (rdp) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause Denial of Service (DoS). When a BGP session flap happens, a Use After Free of a memory location that was assigned to another object can occur, which will lead to an rpd crash. This is a race condition that is outside of the attacker's control and cannot be deterministically exploited. Continued flapping of BGP sessions can create a su... • https://kb.juniper.net/JSA69879 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 79EXPL: 0CVE-2022-22201 – SRX5000 Series with SPC3, SRX4000 Series, and vSRX: When PowerMode IPsec is configured, the PFE will crash upon receipt of a malformed ESP packet
https://notcve.org/view.php?id=CVE-2022-22201
18 Oct 2022 — An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). On SRX5000 Series with SPC3, SRX4000 Series, and vSRX, when PowerMode IPsec is configured and a malformed ESP packet matching an established IPsec tunnel is received the PFE crashes. This issue affects Juniper Networks Junos OS on SRX5000 Series with SPC3, SRX4000 Series, a... • https://kb.juniper.net/JSA69900 • CWE-20: Improper Input Validation CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •
CVSS: 7.8EPSS: 0%CPEs: 200EXPL: 0CVE-2022-22221 – Junos OS: SRX and EX Series: Local privilege escalation flaw in "download" functionality
https://notcve.org/view.php?id=CVE-2022-22221
20 Jul 2022 — An Improper Neutralization of Special Elements vulnerability in the download manager of Juniper Networks Junos OS on SRX Series and EX Series allows a locally authenticated attacker with low privileges to take full control over the device. One aspect of this vulnerability is that the attacker needs to be able to execute any of the "request ..." or "show system download ..." commands. This issue affects Juniper Networks Junos OS on SRX Series and EX Series: All versions prior to 19.2R1-S9, 19.2R3-S5; 19.3 ve... • https://kb.juniper.net/JSA69725 •
CVSS: 6.5EPSS: 0%CPEs: 135EXPL: 0CVE-2022-22217 – Junos OS: QFX10K Series: Denial of Service (DoS) upon receipt of crafted MLD packets on multi-homing ESI in VXLAN
https://notcve.org/view.php?id=CVE-2022-22217
20 Jul 2022 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS). The issue is caused by malformed MLD packets looping on a multi-homed Ethernet Segment Identifier (ESI) when VXLAN is configured. These MLD packets received on a multi-homed ESI are sent to the peer, and then incorrectly forwarded out the same ESI, violating the split horizon rule. This issue o... • https://kb.juniper.net/JSA69721 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 4.3EPSS: 0%CPEs: 319EXPL: 0CVE-2022-22216 – Junos OS: PTX Series and QFX10000 Series: 'Etherleak' memory disclosure in Ethernet padding data
https://notcve.org/view.php?id=CVE-2022-22216
20 Jul 2022 — An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the PFE of Juniper Networks Junos OS on PTX Series and QFX10k Series allows an adjacent unauthenticated attacker to gain access to sensitive information. PTX1000 and PTX10000 Series, and QFX10000 Series and PTX5000 Series devices sometimes do not reliably pad Ethernet packets, and thus some packets can contain fragments of system memory or data from previous packets. This issue is also known as 'Etherleak' and often detected as C... • https://kb.juniper.net/JSA69720 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 142EXPL: 1CVE-2022-22215 – Junos OS and Junos OS Evolved: /var/run/<pid>.env files are potentially not deleted during termination of a gRPC connection causing inode exhaustion
https://notcve.org/view.php?id=CVE-2022-22215
20 Jul 2022 — A Missing Release of File Descriptor or Handle after Effective Lifetime vulnerability in plugable authentication module (PAM) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). It is possible that after the termination of a gRPC connection the respective/var/run/
CVSS: 6.5EPSS: 0%CPEs: 260EXPL: 0CVE-2022-22214 – Junos OS and Junos OS Evolved: In an MPLS scenario upon receipt of a specific IPv6 packet an FPC will crash
https://notcve.org/view.php?id=CVE-2022-22214
20 Jul 2022 — An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent attacker to cause a PFE crash and thereby a Denial of Service (DoS). An FPC will crash and reboot after receiving a specific transit IPv6 packet over MPLS. Continued receipt of this packet will create a sustained Denial of Service (DoS) condition. This issue does not affect systems configured for IPv4 only. This issue affects: Juniper Networks Junos OS All ver... • https://kb.juniper.net/JSA69718 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 156EXPL: 1CVE-2022-22202 – Junos OS: PTX Series: FPCs may restart unexpectedly upon receipt of specific MPLS packets with certain multi-unit interface configurations
https://notcve.org/view.php?id=CVE-2022-22202
20 Jul 2022 — An Improper Handling of Exceptional Conditions vulnerability on specific PTX Series devices, including the PTX1000, PTX3000 (NextGen), PTX5000, PTX10002-60C, PTX10008, and PTX10016 Series, in Juniper Networks Junos OS allows an unauthenticated MPLS-based attacker to cause a Denial of Service (DoS) by triggering the dcpfe process to crash and FPC to restart. On affected PTX Series devices, processing specific MPLS packets received on an interface with multiple units configured may cause FPC to restart unexpe... • https://kb.juniper.net/JSA69706 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.5EPSS: 0%CPEs: 156EXPL: 0CVE-2022-22197 – Junos OS and Junos OS Evolved: An rpd core will be observed with proxy BGP route-target filtering enabled and certain route add and delete event happening
https://notcve.org/view.php?id=CVE-2022-22197
14 Apr 2022 — An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service (DoS). This issue occurs when proxy-generate route-target filtering is enabled, and certain proxy-route add and delete events are happening. This issue affects: Juniper Networks Junos OS All versions prior to 17.3R3-S11; 17.4 versions prior to 17... • https://kb.juniper.net/JSA69511 • CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 6.5EPSS: 0%CPEs: 209EXPL: 0CVE-2022-22191 – Junos OS: EX4300: PFE Denial of Service (DoS) upon receipt of a flood of specific ARP traffic
https://notcve.org/view.php?id=CVE-2022-22191
14 Apr 2022 — A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in Juniper Networks Junos OS on the EX4300 switch, sent from the local broadcast domain, may allow an unauthenticated network-adjacent attacker to trigger a PFEMAN watchdog timeout, causing the Packet Forwarding Engine (PFE) to crash and restart. After the restart, transit traffic will be temporarily interrupted until the PFE is reprogrammed. In a virtual chassis (VC), the impacted Flexible PIC Concentrator (FPC) ma... • https://kb.juniper.net/JSA69502 • CWE-400: Uncontrolled Resource Consumption CWE-410: Insufficient Resource Pool •