Juniper Junos vulnerabilities

CVE-2023-44203 [MEDIUM] CWE-703 CVE-2023-44203: An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engi An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600 allows a adjacent attacker to send specific traffic, which leads to packet flooding, resulting in a Denial of Service (DoS). When a specific IGMP packet

CVE-2023-44183 [MEDIUM] CWE-20 CVE-2023-44183: An Improper Input Validation vulnerability in the VxLAN packet forwarding engine (PFE) of Juniper N An Improper Input Validation vulnerability in the VxLAN packet forwarding engine (PFE) of Juniper Networks Junos OS on QFX5000 Series, EX4600 Series devices allows an unauthenticated, adjacent attacker, sending two or more genuine packets in the same VxLAN topology to possibly cause a DMA memory leak to occur under various specific operational condit

CVE-2023-44184 [MEDIUM] CWE-119 CVE-2023-44184: An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the man An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated low-privileged attacker, by executing a specific command via NETCONF, to cause a CPU Denial of Service to the device's control plane. T

CVE-2023-44201 [MEDIUM] CWE-732 CVE-2023-44201: An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of Junipe An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of Juniper Networks Junos OS and Junos OS Evolved allows a local authenticated attacker to read configuration changes without having the permissions. When a user with the respective permissions commits a configuration change, a specific file is created. That f

CVE-2023-44176 [MEDIUM] CWE-121 CVE-2023-44176: A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions pri

CVE-2023-44178 [MEDIUM] CWE-121 CVE-2023-44178: A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS * All versions prio

CVE-2023-36843 [HIGH] CWE-168 CVE-2023-36843: An Improper Handling of Inconsistent Special Elements vulnerability in the Junos Services Framework An Improper Handling of Inconsistent Special Elements vulnerability in the Junos Services Framework (jsf) module of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a crash in the Packet Forwarding Engine (pfe) and thereby resulting in a Denial of Service (DoS). Upon receiving malformed SSL traffic, the PFE crashes.

CVE-2023-36841 [HIGH] CWE-400 CVE-2023-36841: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engi An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows a unauthenticated network-based attacker to cause an infinite loop, resulting in a Denial of Service (DoS). An attacker who sends malformed TCP traffic via an interface configured with PPPoE, cau

CVE-2023-44175 [HIGH] CWE-617 CVE-2023-44175: A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Not

CVE-2023-22392 [MEDIUM] CWE-401 CVE-2023-22392: A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). PTX3000, PTX5000, QFX10000, PTX1000, PTX10002, and PTX10004, PTX10008 and PTX10016 with LC110x FPCs do not support certain flow-routes.

CVE-2023-36839 [MEDIUM] CWE-1284 CVE-2023-36839: An Improper Validation of Specified Quantity in Input vulnerability in the Layer-2 control protocol An Improper Validation of Specified Quantity in Input vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker who sends specific LLDP packets to cause a Denial of Service(DoS). This issue occurs when specific LLDP packets are received and telemetry

CVE-2023-44186 [HIGH] CWE-755 CVE-2023-44186: An Improper Handling of Exceptional Conditions vulnerability in AS PATH processing of Juniper Netwo An Improper Handling of Exceptional Conditions vulnerability in AS PATH processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a BGP update message with an AS PATH containing a large number of 4-byte ASes, leading to a Denial of Service (DoS). Continued receipt and processing of these BGP updates will create a sustaine

CVE-2023-44188 [MEDIUM] CWE-367 CVE-2023-44188: A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in telemetry processing of Junipe A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in telemetry processing of Juniper Networks Junos OS allows a network-based authenticated attacker to flood the system with multiple telemetry requests, causing the Junos Kernel Debugging Streaming Daemon (jkdsd) process to crash, leading to a Denial of Service (DoS). Continued receip

CVE-2023-36851 [MEDIUM] CWE-306 CVE-2023-36851: A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Ser A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require authentication, an attacker is able to upload and download arbitrary

CVE-2023-4481 [HIGH] CWE-20 CVE-2023-4481: An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When certain specific crafted BGP UPDATE messages are received over an established BGP session, one BGP session may be torn down with an UPD

CVE-2023-36845 [CRITICAL] CWE-473 CVE-2023-36845: A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Serie A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to remotely execute code. Using a crafted request which sets the variable PHPRC an attacker is able to modify the PHP execution environment allowing the injection und execution of

CVE-2023-36846 [MEDIUM] CWE-306 CVE-2023-36846: A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Ser A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to user.php that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a

CVE-2023-36847 [MEDIUM] CWE-306 CVE-2023-36847: A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX Seri A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require authentication an attacker is able to upload arbitrary files via J-Web,

CVE-2023-36844 [MEDIUM] CWE-473 CVE-2023-36844: A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Serie A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables. Using a crafted request an attacker is able to modify certain PHP environment variables leading to partial loss of integrity, which may allow ch

CVE-2023-36835 [HIGH] CWE-754 CVE-2023-36835: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engin An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX10000 Series allows a network based attacker to cause a Denial of Service (DoS). If a specific valid IP packet is received and that packet needs to be routed over a VXLAN tunnel, this will result in a PFE wedg