Juniper Mx Series vulnerabilities

CVE-2023-44198 [MEDIUM] CWE-754 CVE-2023-44198: An Improper Check for Unusual or Exceptional Conditions vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX Series and MX Series allows CVE-2023-44198: An Improper Check for Unusual or Exceptional Conditions vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated network-based attacker to cause an integrity impact in connected networks. If the SIP ALG is configured and a device

CVE-2023-36841 [HIGH] CWE-400 CVE-2023-36841: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series CVE-2023-36841: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows a unauthenticated network-based attacker to cause an infinite loop, resulting in a Denial of Service (DoS). An attacker who sends

CVE-2023-28985 [HIGH] CWE-1286 CVE-2023-28985: An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and CVE-2023-28985: An Improper Validation of Syntactic Correctness of Input vulnerability in Intrusion Detection and Prevention (IDP) of Juniper Networks SRX Series and MX Series allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). Continued receipt of this specific packet w

CVE-2023-36832 [HIGH] CWE-755 CVE-2023-36832: An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on MX Series allows an unauthenticated CVE-2023-36832: An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on MX Series allows an unauthenticated network-based attacker to send specific packets to an Aggregated Multiservices (AMS) interface on the device, causing the packet forwardin

CVE-2023-36848 [MEDIUM] CWE-232 CVE-2023-36848: An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon (PPMD) of Juniper Networks Junos OS on MX Series(excep CVE-2023-36848: An Improper Handling of Undefined Values vulnerability in the periodic packet management daemon (PPMD) of Juniper Networks Junos OS on MX Series(except MPC10, MPC11 and LC9600) allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). When a malformed CFM packet

CVE-2023-36850 [MEDIUM] CWE-1285 CVE-2023-36850: An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Connectivity Fault Management(CFM) module of Juniper Netw CVE-2023-36850: An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Connectivity Fault Management(CFM) module of Juniper Networks Junos OS on MX Series(except MPC10, MPC11 and LC9600) allows an adjacent attacker on the local broadcast domain to cause a Denial

CVE-2023-28976 [HIGH] CWE-754 CVE-2023-28976: An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX Series CVE-2023-28976: An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). If specific traffic is received on MX Series and its

CVE-2023-28974 [HIGH] CWE-754 CVE-2023-28974: An Improper Check for Unusual or Exceptional Conditions vulnerability in the bbe-smgd of Juniper Networks Junos OS allows an unauthenticated, adjacent CVE-2023-28974: An Improper Check for Unusual or Exceptional Conditions vulnerability in the bbe-smgd of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). In a Broadband Edge / Subscriber Management scenario on MX Series when a specifically malfo

CVE-2023-22413 [HIGH] CWE-703 CVE-2023-22413: An Improper Check or Handling of Exceptional Conditions vulnerability in the IPsec library of Juniper Networks Junos OS allows a network-based, unauth CVE-2023-22413: An Improper Check or Handling of Exceptional Conditions vulnerability in the IPsec library of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause Denial of Service (DoS). On all MX platforms with MS-MPC or MS-MIC card, when specific IPv4 packets are proce

CVE-2023-22416 [HIGH] CWE-120 CVE-2023-22416: A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service CVE-2023-22416: A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On all MX Series and SRX Series platform with SIP ALG enabled, when a malformed SIP packet is received, the flow processing daemon

CVE-2023-22410 [HIGH] CWE-401 CVE-2023-22410: A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Networks Junos OS on MX Series platforms with MPC10/MPC11 line cards CVE-2023-22410: A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Networks Junos OS on MX Series platforms with MPC10/MPC11 line cards, allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). Devices are only vulnerable when the Suspicious Control

CVE-2023-22415 [HIGH] CWE-787 CVE-2023-22415: An Out-of-Bounds Write vulnerability in the H.323 ALG of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial o CVE-2023-22415: An Out-of-Bounds Write vulnerability in the H.323 ALG of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all MX Series and SRX Series platform, when H.323 ALG is enabled and specific H.323 packets are received simultaneous

CVE-2023-22408 [HIGH] CWE-129 CVE-2023-22408: An Improper Validation of Array Index vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX 5000 Series allows a network-based, unauthentic CVE-2023-22408: An Improper Validation of Array Index vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX 5000 Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). When an attacker sends an SIP packets with a malformed SDP field then the SIP ALG can n

CVE-2023-22394 [HIGH] CWE-911 CVE-2023-22394: An Improper Handling of Unexpected Data Type vulnerability in the handling of SIP calls in Juniper Networks Junos OS on SRX Series and MX Series platf CVE-2023-22394: An Improper Handling of Unexpected Data Type vulnerability in the handling of SIP calls in Juniper Networks Junos OS on SRX Series and MX Series platforms allows an attacker to cause a memory leak leading to Denial of Services (DoS). This issue occurs on all MX Series platforms with MS-

CVE-2023-22412 [HIGH] CWE-667 CVE-2023-22412: An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC or MS-MIC card and SRX Series allows an unauthe CVE-2023-22412: An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC or MS-MIC card and SRX Series allows an unauthenticated, network-based attacker to cause a flow processing daemon (flowd) crash and thereby a Denial of Service (DoS). Continued receipt

CVE-2023-22404 [MEDIUM] CWE-787 CVE-2023-22404: An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon (iked) of Juniper Networks Junos OS on SRX series and MX with SPC3 a CVE-2023-22404: An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon (iked) of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to cause a Denial of Service (DoS). iked will crash and restart, and the tunnel will not

CVE-2023-22409 [MEDIUM] CWE-1284 CVE-2023-22409: An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privi CVE-2023-22409: An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service (DoS). When an inconsistent "deterministic NAT" configuration is present on an SRX, or MX with SPC3

CVE-2022-22236 [HIGH] CWE-824 CVE-2022-22236: An Access of Uninitialized Pointer vulnerability in SIP Application Layer Gateway (ALG) of Juniper Networks Junos OS on SRX Series and MX Series allow CVE-2022-22236: An Access of Uninitialized Pointer vulnerability in SIP Application Layer Gateway (ALG) of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When specific valid SIP packets are received the PFE wil

CVE-2022-22249 [MEDIUM] CWE-664 CVE-2022-22249: An Improper Control of a Resource Through its Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series a CVE-2022-22249: An Improper Control of a Resource Through its Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). When there is a continuous mac move a memory corruption

CVE-2022-22207 [HIGH] CWE-416 CVE-2022-22207: A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticat CVE-2022-22207: A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denia