Juniper Junos OS Evolved vulnerabilities

CVE-2022-22197 [HIGH] CWE-672 CVE-2022-22197: An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service (DoS). This issue occurs when proxy-generate route-target filtering is enabled, and cert

CVE-2022-22183 [HIGH] CWE-16 CVE-2022-22183: An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) c

CVE-2022-22193 [MEDIUM] CWE-241 CVE-2022-22193: An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of J An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). Continued execution of this command might cause a sustained Denial of Service condition. If BGP rib sharding

CVE-2022-22196 [MEDIUM] CWE-754 CVE-2022-22196: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker with an established ISIS adjacency to cause a Denial of Service (DoS). The rpd CPU spikes to 100% after a malformed ISIS TLV has been received which

CVE-2022-22177 [HIGH] CWE-755 CVE-2022-22177: A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daemon causing a sustained Denial of Service (DoS) to the service until it is manually restarted. This issue impacts any version of SNMP – v1,v2, v3 This issue affects: Juniper Networks Junos OS 12.3 version

CVE-2022-22169 [MEDIUM] CWE-665 CVE-2022-22169: An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks Ju An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart (GR helper mode) even though there is not any Grace-LSA received in OSPFv3 causi

CVE-2022-22172 [MEDIUM] CWE-401 CVE-2022-22172: A Missing Release of Memory after Effective Lifetime vulnerability in the Layer-2 control protocols A Missing Release of Memory after Effective Lifetime vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a memory leak. Continued exploitation can lead to memory exhaustion and thereby a Denial of Service (DoS). This issue occurs when spec

CVE-2022-22164 [MEDIUM] CWE-665 CVE-2022-22164: An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit ope An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit operation for disabling the telnet service to not take effect as expected, resulting in the telnet service staying enabled. When it is not intended to be operating on the device, an administrator can issue the following command to verify whether telnet i

CVE-2021-31353 [HIGH] CWE-755 CVE-2021-31353: An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). Continued receipt and processing of the BGP update will create a sustained Denial of Serv

CVE-2021-31383 [HIGH] CWE-121 CVE-2021-31383: In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neig In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved sent by a rem

CVE-2021-31354 [HIGH] CWE-125 CVE-2021-31354: An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager) may allow an attacker to cause a partial Denial of Service (DoS), or lead to remote code execution (RCE). The vulnerability

CVE-2021-31358 [HIGH] CWE-77 CVE-2021-31358: A command injection vulnerability in sftp command processing on Juniper Networks Junos OS Evolved al A command injection vulnerability in sftp command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The vulnerability allows an attacker to bypass command authorization restriction

CVE-2021-31357 [HIGH] CWE-77 CVE-2021-31357: A command injection vulnerability in tcpdump command processing on Juniper Networks Junos OS Evolved A command injection vulnerability in tcpdump command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The vulnerability allows an attacker to bypass command authorization restrict

CVE-2021-31360 [HIGH] CWE-20 CVE-2021-31360: An improper privilege management vulnerability in the Juniper Networks Junos OS and Junos OS Evolved An improper privilege management vulnerability in the Juniper Networks Junos OS and Junos OS Evolved command-line interpreter (CLI) allows a low-privileged user to overwrite local files as root, possibly leading to a system integrity issue or Denial of Service (DoS). Depending on the files overwritten, exploitation of this vulnerability could lead to a

CVE-2021-31350 [HIGH] CWE-269 CVE-2021-31350: An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET servic

CVE-2021-31374 [HIGH] CWE-787 CVE-2021-31374: On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE or KEEPALIVE message can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this message will create a sustained Denial of Service (DoS) condition. This issue affects both IBGP

CVE-2021-31356 [HIGH] CWE-77 CVE-2021-31356: A command injection vulnerability in command processing on Juniper Networks Junos OS Evolved allows A command injection vulnerability in command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The vulnerability allows an attacker to bypass command authorization restrictions assi

CVE-2021-31359 [HIGH] CWE-121 CVE-2021-31359: A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to cause the Juniper DHCP daemon (jdhcpd) process to crash, resulting in a Denial of Service (DoS), or execute arbitrary commands as root. Continued processing of malicious input will repeatedly crash the system and sustain t

CVE-2021-31363 [MEDIUM] CWE-835 CVE-2021-31363: In an MPLS P2MP environment a Loop with Unreachable Exit Condition vulnerability in the routing prot In an MPLS P2MP environment a Loop with Unreachable Exit Condition vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause high load on RPD which in turn may lead to routing protocol flaps. If a system with sensor-based-stats enabled receives a specific

CVE-2021-0297 [MEDIUM] CWE-755 CVE-2021-0297: A vulnerability in the processing of TCP MD5 authentication in Juniper Networks Junos OS Evolved may A vulnerability in the processing of TCP MD5 authentication in Juniper Networks Junos OS Evolved may allow a BGP or LDP session configured with MD5 authentication to succeed, even if the peer does not have TCP MD5 authentication enabled. This could lead to untrusted or unauthorized sessions being established, resulting in an impact on confidentiality