Juniper Junos OS Evolved vulnerabilities

CVE-2023-28960 [HIGH] CWE-732 CVE-2023-28960: An Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Networks Junos OS An Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Networks Junos OS Evolved allows a local, authenticated low-privileged attacker to copy potentially malicious files into an existing Docker container on the local system. A follow-on administrator could then inadvertently start the Docker container leading to the maliciou

CVE-2023-28967 [HIGH] CWE-908 CVE-2023-28967: A Use of Uninitialized Resource vulnerability in the Border Gateway Protocol (BGP) software of Junip A Use of Uninitialized Resource vulnerability in the Border Gateway Protocol (BGP) software of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to send specific genuine BGP packets to a device configured with BGP to cause a Denial of Service (DoS) by crashing the Routing Protocol Daemon (rpd). This issue

CVE-2023-28966 [HIGH] CWE-276 CVE-2023-28966: An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS Evolved allows a low-pri An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS Evolved allows a low-privileged local attacker with shell access to modify existing files or execute commands as root. The issue is caused by improper file and directory permissions on certain system files, allowing an attacker with access to these files and folders to inject

CVE-2023-28964 [HIGH] CWE-130 CVE-2023-28964: An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network based, unauthenticated attacker to cause an RPD crash leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service

CVE-2023-28983 [HIGH] CWE-78 CVE-2023-28983: An OS Command Injection vulnerability in gRPC Network Operations Interface (gNOI) server module of J An OS Command Injection vulnerability in gRPC Network Operations Interface (gNOI) server module of Juniper Networks Junos OS Evolved allows an authenticated, low privileged, network based attacker to inject shell commands and execute code. This issue affects Juniper Networks Junos OS Evolved 21.4 version 21.4R1-EVO and later versions prior to 22.1R1-EV

CVE-2023-28973 [HIGH] CWE-285 CVE-2023-28973: An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks Junos O An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks Junos OS Evolved allows a local, authenticated attacker to execute administrative commands that could impact the integrity of the system or system availability. Administrative functions such as daemon restarting, routing engine (RE) switchover, and node shutdo

CVE-2023-28978 [MEDIUM] CWE-1188 CVE-2023-28978: An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved al An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to read certain confidential information. In the default configuration it is possible to read confidential information about locally configured (administrative) users of the affected system. This issue

CVE-2023-28980 [MEDIUM] CWE-416 CVE-2023-28980: A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service (DoS). In a rib sharding scenario the rpd process will crash shortly after specific CLI command is issued. This issue is more likely to occur in a scena

CVE-2023-28981 [MEDIUM] CWE-20 CVE-2023-28981: An Improper Input Validation vulnerability in the kernel of Juniper Networks Junos OS and Junos OS E An Improper Input Validation vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If the receipt of router advertisements is enabled on an interface and a specifically malformed RA packet is received, memory corruption will happen which leads to

CVE-2023-22401 [HIGH] CWE-129 CVE-2023-22401: An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemo An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemon (aftmand) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On the PTX10008 and PTX10016 platforms running Junos OS or Junos OS Evolved, when a specific SNMP MIB is

CVE-2023-22400 [HIGH] CWE-400 CVE-2023-22400: An Uncontrolled Resource Consumption vulnerability in the PFE management daemon (evo-pfemand) of Jun An Uncontrolled Resource Consumption vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS). When a specific SNMP GET operation or a specific CLI command is executed this will cause a GUID resource leak, e

CVE-2023-22393 [HIGH] CWE-358 CVE-2023-22393: An Improper Check for Unusual or Exceptional Conditions vulnerability in BGP route processing of Jun An Improper Check for Unusual or Exceptional Conditions vulnerability in BGP route processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to cause Routing Protocol Daemon (RPD) crash by sending a BGP route with invalid next-hop resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create

CVE-2023-22407 [MEDIUM] CWE-459 CVE-2023-22407: An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos O An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). An rpd crash can occur when an MPLS TE tunnel configuration change occurs on a directly connected router. This issue affects: Juniper Networks Juno

CVE-2023-22398 [MEDIUM] CWE-824 CVE-2023-22398: An Access of Uninitialized Pointer vulnerability in the Routing Protocol Daemon (rpd) of Juniper Net An Access of Uninitialized Pointer vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). When an MPLS ping is performed on BGP LSPs, the RPD might crash. Repeated execution of this operation will lead to a su

CVE-2023-22406 [MEDIUM] CWE-401 CVE-2023-22406: A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). In a segment-routing scenario with OSPF as IGP, when a peer interface continuously flaps, next-hop churn will happen and a continuous incre

CVE-2023-22397 [MEDIUM] CWE-367 CVE-2023-22397: An Allocation of Resources Without Limits or Throttling weakness in the memory management of the Pac An Allocation of Resources Without Limits or Throttling weakness in the memory management of the Packet Forwarding Engine (PFE) on Juniper Networks Junos OS Evolved PTX10003 Series devices allows an adjacently located attacker who has established certain preconditions and knowledge of the environment to send certain specific genuine packets to begin

CVE-2023-22402 [MEDIUM] CWE-416 CVE-2023-22402: A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthen A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). In a Non Stop Routing (NSR) scenario, an unexpected kernel restart might be observed if "bgp auto-discovery" is enabled and if there is a BGP neighbor flap of auto-discovery sessions

CVE-2022-22184 [HIGH] CWE-20 CVE-2022-22184: An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). If a BGP update message is received over an established BGP session, and that message contains a specific, optional transitive attribute, th

CVE-2022-22211 [HIGH] CWE-770 CVE-2022-22211: A limitless resource allocation vulnerability in FPC resources of Juniper Networks Junos OS Evolved A limitless resource allocation vulnerability in FPC resources of Juniper Networks Junos OS Evolved on PTX Series allows an unprivileged attacker to cause Denial of Service (DoS). Continuously polling the SNMP jnxCosQstatTable causes the FPC to run out of GUID space, causing a Denial of Service to the FPC resources. When the FPC runs out of the GUID sp

CVE-2022-22247 [HIGH] CWE-20 CVE-2022-22247: An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Jun An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this TCP segment could create a sust