Juniper Junos OS Evolved vulnerabilities
231 known vulnerabilities affecting juniper/junos_os_evolved.
Total CVEs: 231
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 132, MEDIUM 97
Vulnerabilities
Page 4 of 12
CVE-2024-39515 | HIGH | CVSS 8.7 | CWE-1288 | fixed in 21.4; v21.4; +5 more | 2024-10-09
An Improper Validation of Consistency within Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing
nvd
CVE-2024-39531 | HIGH | CVSS 8.7 | CWE-229 | fixed in 21.4; v21.4; +6 more | 2024-07-11
An Improper Handling of Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows a network-based, unauthenticated attacker to cause a Denial-of-Service (DoS).
If a value is configured for DDoS bandwidth or burst parameters for any protocol in a queue, all protocols which share the same
nvd
CVE-2024-39538 | HIGH | CVSS 7.1 | CWE-120 | fixed in 21.2; v21.2; +6 more | 2024-07-11
A Buffer Copy without Checking Size of Input vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).
When multicast traffic with a specific, valid (S,G) is received, evo-pfemand crashes which leads to an outage of th
nvd
CVE-2024-39522 | HIGH | CVSS 8.5 | CWE-78 | v22.3; v22.4 | 2024-07-11
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system.
The Junos OS Evolved CLI doesn't properly handle command options in some cases, allowing users which exe
nvd
CVE-2024-39521 | HIGH | CVSS 8.5 | CWE-78 | ≥ 21.1, < 21.2; v21.2; +3 more | 2024-07-11
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system.
The Junos OS Evolved CLI doesn't properly handle command options in some cases, allowing users which exe
nvd
CVE-2024-39541 | HIGH | CVSS 7.1 | CWE-755 | v22.4; v23.2; +1 more | 2024-07-11
An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).
When conflicting information (IP or ISO addresses) about a node is added to the Traffic Engineering (TE) database and then
nvd
CVE-2024-39543 | HIGH | CVSS 7.1 | CWE-120 | fixed in 21.2; v21.2; +6 more | 2024-07-11
A Buffer Copy without Checking Size of Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to send specific RPKI-RTR packets resulting in a crash, creating a Denial of Service (DoS) condition. Continued receipt and processing of this pa
nvd
CVE-2024-39523 | HIGH | CVSS 8.5 | CWE-78 | fixed in 20.4; v20.4; +5 more | 2024-07-11
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system.
The Junos OS Evolved CLI doesn't properly handle command options in some cases, allowing users which exe
nvd
CVE-2024-39552 | HIGH | CVSS 8.7 | CWE-755 | fixed in 21.2; v21.2; +7 more | 2024-07-11
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a network based, unauthenticated attacker to cause the RPD process to crash leading to a Denial of Service (DoS).
When a malformed BGP UPDATE packet is received over an established BGP session, RPD
nvd
CVE-2024-39520 | HIGH | CVSS 8.5 | CWE-78 | fixed in 20.4; v20.4; +4 more | 2024-07-11
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system.
The Junos OS Evolved CLI doesn't properly handle command options in some cases, allowing users which exe
nvd
CVE-2024-39519 | HIGH | CVSS 7.1 | CWE-754 | ≥ 22.2, < 22.4; v22.4 | 2024-07-11
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).
On all ACX 7000 Series platforms running Junos OS Evolved, and configured with IRBs, if a Customer Edge de
nvd
CVE-2024-39535 | HIGH | CVSS 7.1 | CWE-754 | v22.4 | 2024-07-11
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).
When a device has a Layer 3 or an IRB interface configured in a VPLS instance and specific traffic is recei
nvd
CVE-2024-39524 | HIGH | CVSS 8.5 | CWE-78 | fixed in 20.4; v20.4; +5 more | 2024-07-11
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system.
The Junos OS Evolved CLI doesn't properly handle command options in some cases, allowing users which exe
nvd
CVE-2024-39549 | HIGH | CVSS 8.7 | CWE-401 | ≤ 21.1; v21.2; +7 more | 2024-07-11
A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial
nvd
CVE-2024-39546 | HIGH | CVSS 7.0 | CWE-862 | v18.3; v19.1; +15 more | 2024-07-11
A Missing Authorization vulnerability in the Socket Intercept (SI) command file interface of Juniper Networks Junos OS Evolved allows an authenticated, low-privilege local attacker to modify certain files, allowing the attacker to cause any command to execute with root privileges leading to privilege escalation ultimately compromising the system.
Thi
nvd
CVE-2024-39542 | HIGH | CVSS 8.7 | CWE-1286 | v21.2; v21.4 | 2024-07-11
An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MPC10/11 or LC9600, MX304, and Junos OS Evolved on ACX Series and PTX Series allows an unauthenticated, network based attacker to cause a Denial-of-Service (DoS).
This issue can occur in two scen
nvd
CVE-2024-39548 | HIGH | CVSS 7.1 | CWE-400 | fixed in 21.2; v21.2; +7 more | 2024-07-11
An Uncontrolled Resource Consumption vulnerability in the aftmand process of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to consume memory resources, resulting in a Denial of Service (DoS) condition. The processes do not recover on their own and must be manually restarted.
This issue affects both IPv4 and IPv6.
nvd
CVE-2024-39528 | MEDIUM | CVSS 6.0 | CWE-416 | fixed in 21.2; v21.2; +4 more | 2024-07-11
A Use After Free vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service (DoS).
On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and at the same time a specific SNMP request is received
nvd
CVE-2024-39536 | MEDIUM | CVSS 6.0 | CWE-401 | fixed in 21.2; v21.2; +4 more | 2024-07-11
A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet Management Daemon (ppmd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS).
When a BFD session configured with authentication flaps, ppmd memory can leak. Whether the leak happens
nvd
CVE-2024-39532 | MEDIUM | CVSS 6.3 | CWE-532 | v22.1; v22.2; +1 more | 2024-07-11
An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to access sensitive information.
When another user performs a specific operation, sensitive information is stored as plain text in a specific log file, so that a high-privile
nvd