CVSS: 8.2EPSS: 0%CPEs: 16EXPL: 0CVE-2025-21598 – Junos OS and Junos OS Evolved: When BGP traceoptions are configured, receipt of malformed BGP packets causes RPD to crash
https://notcve.org/view.php?id=CVE-2025-21598
09 Jan 2025 — An Out-of-bounds Read vulnerability in Juniper Networks Junos OS and Junos OS Evolved's routing protocol daemon (rpd) allows an unauthenticated, network-based attacker to send malformed BGP packets to a device configured with packet receive trace options enabled to crash rpd. This issue affects: Junos OS: * from 21.2R3-S8 before 21.2R3-S9, * from 21.4R3-S7 before 21.4R3-S9, * from 22.2R3-S4 before 22.2R3-S5, * from 22.3R3-S2 before 22.3R3-S4, * from 22.4R3 before 22.4R3-S5, * from 23.2R2 before 23.2R2-S2, *... • https://supportportal.juniper.net/JSA92867 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0CVE-2025-21600 – Junos OS and Junos OS Evolved: With certain BGP options enabled, receipt of specifically malformed BGP update causes RPD crash
https://notcve.org/view.php?id=CVE-2025-21600
09 Jan 2025 — An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, logically adjacent BGP peer sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems configured in either of two ways: * systems with BGP traceoptions enabled * ... • https://supportportal.juniper.net/JSA92870 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0CVE-2025-21602 – Junos OS and Junos OS Evolved: Receipt of specially crafted BGP update packet causes RPD crash
https://notcve.org/view.php?id=CVE-2025-21602
09 Jan 2025 — An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker sending a specific BGP update packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continuous receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects iBGP and eBGP, and both IPv4 and IPv6 are affected by this vulnerability. This is... • https://supportportal.juniper.net/JSA92872 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2025-21593 – Junos OS and Junos OS Evolved: On SRv6 enabled devices, an attacker sending a malformed BGP update can cause the rpd to crash
https://notcve.org/view.php?id=CVE-2025-21593
09 Jan 2025 — An Improper Control of a Resource Through its Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial-of-Service (DoS). On devices with SRv6 (Segment Routing over IPv6) enabled, an attacker can send a malformed BGP UPDATE packet which will cause the rpd to crash and restart. Continued receipt of these UPDATE packets will cause a sustained DoS condition. This issue affects iBGP and eBGP, a... • https://supportportal.juniper.net/JSA92861 • CWE-664: Improper Control of a Resource Through its Lifetime •
CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 0CVE-2024-47507 – Junos OS and Junos OS Evolved: BGP update message containing aggregator attribute with an ASN value of zero (0) is accepted
https://notcve.org/view.php?id=CVE-2024-47507
11 Oct 2024 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an integrity impact to the downstream devices. When a peer sends a BGP update message which contains the aggregator attribute with an ASN value of zero (0), rpd accepts and propagates this attribute, which can cause issues for downstream BGP peers receiving this. This issue affects: Junos OS: * ... • https://supportportal.juniper.net/JSA88138 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-47505 – Junos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a resource leak #1
https://notcve.org/view.php?id=CVE-2024-47505
11 Oct 2024 — An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover. GUID exhausti... • https://supportportal.juniper.net • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.7EPSS: 0%CPEs: 5EXPL: 0CVE-2024-47502 – Junos OS Evolved: TCP session state is not always cleared on the Routing Engine leading to DoS
https://notcve.org/view.php?id=CVE-2024-47502
11 Oct 2024 — An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). In specific cases the state of TCP sessions that are terminated is not cleared, which over time leads to an exhaustion of resources, preventing new connections to the control plane from being established. A continuously increasing number of connections shown by: user@host > show system connections is ind... • https://supportportal.juniper.net/JSA88132 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.7EPSS: 0%CPEs: 16EXPL: 0CVE-2024-47499 – Junos OS and Junos OS Evolved: In a BMP scenario receipt of a malformed AS PATH attribute can cause an RPD crash
https://notcve.org/view.php?id=CVE-2024-47499
11 Oct 2024 — An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). In a scenario where BGP Monitoring Protocol (BMP) is configured with rib-in pre-policy monitoring, receiving a BGP update with a specifically malformed AS PATH attribute over an established BGP session, can cause an RPD crash and restart. This issue affects: Junos OS: ... • https://supportportal.juniper.net/JSA88129 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-47498 – Junos OS Evolved: QFX5000 Series: Configured MAC learning and move limits are not in effect
https://notcve.org/view.php?id=CVE-2024-47498
11 Oct 2024 — An Unimplemented or Unsupported Feature in UI vulnerability in the CLI of Juniper Networks Junos OS Evolved on QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). Several configuration statements meant to enforce limits on MAC learning and moves can be configured but do not take effect. This can lead to control plane overload situations which will severely impact the ability of the device to processes legitimate traffic. This issue affects Junos OS Evolved on QFX5... • https://supportportal.juniper.net/JSA88128 •
CVSS: 8.4EPSS: 0%CPEs: 7EXPL: 0CVE-2024-47495 – Junos OS Evolved: In a dual-RE scenario a locally authenticated attacker with shell privileges can take over the device.
https://notcve.org/view.php?id=CVE-2024-47495
11 Oct 2024 — An Authorization Bypass Through User-Controlled Key vulnerability allows a locally authenticated attacker with shell access to gain full control of the device when Dual Routing Engines (REs) are in use on Juniper Networks Junos OS Evolved devices. This issue affects: Juniper Networks Junos OS Evolved with dual-REs: * All versions before 21.2R3-S8-EVO, * from 21.4-EVO before 21.4R3-S8-EVO, * from 22.2-EVO before 22.2R3-S4-EVO, * from 22.3-EVO before 22.3R3-S4-EVO, * from 22.4-EVO before 22.4R3-S3-EVO, * from... • https://kb.juniper.net/JSA88122 • CWE-639: Authorization Bypass Through User-Controlled Key •