Juniper Networks Junos Os vulnerabilities
652 known vulnerabilities affecting juniper_networks/junos_os.
Total CVEs
652
CISA KEV
7
actively exploited
Public exploits
6
Exploited in wild
6
Severity breakdown
CRITICAL34HIGH348MEDIUM270
Vulnerabilities
Page 10 of 33
CVE-2024-21603MEDIUMCVSS 6.5fixed in 20.4R3-S9≥ 21.2, < 21.2R3-S6+5 more2024-01-12
CVE-2024-21603 [MEDIUM] CWE-754 CVE-2024-21603:
An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Netw
An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Network Junos OS on MX Series allows a network based attacker with low privileges to cause a denial of service.
If a scaled configuration for Source class usage (SCU) / destination class usage (DCU) (more than 10 route classes) is present and the SCU/DCU
nvd
CVE-2024-21600MEDIUMCVSS 6.5fixed in 20.4R3-S8≥ 21.1, < 21.1R3-S4+5 more2024-01-12
CVE-2024-21600 [MEDIUM] CWE-76 CVE-2024-21600:
An Improper Neutralization of Equivalent Special Elements vulnerability in the Packet Forwarding En
An Improper Neutralization of Equivalent Special Elements vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows a unauthenticated, adjacent attacker to cause a Denial of Service (DoS).
When MPLS packets are meant to be sent to a flexible tunnel interface (FTI) and if the FTI tunnel is down, these will
nvd
CVE-2023-44197HIGHCVSS 7.5fixed in 20.4R3-S8≥ 21.1R1, < 21.1*+3 more2023-10-13
CVE-2023-44197 [HIGH] CWE-787 CVE-2023-44197:
An Out-of-Bounds Write vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos
An Out-of-Bounds Write vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).
On all Junos OS and Junos OS Evolved devices an rpd crash and restart can occur while processing BGP route updates received over an establishe
nvd
CVE-2023-44181HIGHCVSS 7.5fixed in 20.2R3-S6≥ 20.3, < 20.3R3-S5+7 more2023-10-13
CVE-2023-44181 [HIGH] CWE-835 CVE-2023-44181:
An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Net
An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog.
This issue is triggered when Storm control is enabled and ICMPv6 packets are present on device.
This issue affects J
nvd
CVE-2023-44194HIGHCVSS 7.8fixed in 20.4R3-S5≥ 21.1, < 21.1R3-S4+3 more2023-10-13
CVE-2023-44194 [HIGH] CWE-276 CVE-2023-44194:
An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS allows an unauthenticat
An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS allows an unauthenticated attacker with local access to the device to create a backdoor with root privileges. The issue is caused by improper directory permissions on a certain system directory, allowing an attacker with access to this directory to create a backdoor with root
nvd
CVE-2023-44198HIGHCVSS 7.5≥ 20.4, < 20.4R3-S5≥ 21.1, < 21.1R3-S4+7 more2023-10-13
CVE-2023-44198 [HIGH] CWE-754 CVE-2023-44198:
An Improper Check for Unusual or Exceptional Conditions vulnerability in the SIP ALG of Juniper Net
An Improper Check for Unusual or Exceptional Conditions vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated network-based attacker to cause an integrity impact in connected networks.
If the SIP ALG is configured and a device receives a specifically malformed SIP packet, the device prevents t
nvd
CVE-2023-44182HIGHCVSS 8.8fixed in 20.4R3-S7≥ 21.1, < 21.1R3-S5+6 more2023-10-13
CVE-2023-44182 [HIGH] CWE-252 CVE-2023-44182:
An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and
An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Management Protocol, the NETCONF Management Protocol, the gNMI interfaces, and the J-Web User Interfaces causes unintended effects such as demotion or elevation of privileges associated with an operators a
nvd
CVE-2023-44192HIGHCVSS 7.5fixed in 20.4R3-S6≥ 21.1, < 21.1R3-S5+7 more2023-10-13
CVE-2023-44192 [HIGH] CWE-20 CVE-2023-44192:
An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Juno
An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause memory leak, leading to Denial of Service (DoS).
On all Junos OS QFX5000 Series platforms, when pseudo-VTEP (Virtual Tunnel End Point) is configured under EVPN-VXLAN scenario, and specific D
nvd
CVE-2023-44191HIGHCVSS 7.5≥ 21.1, < 21.1R3-S5≥ 21.2, < 21.2R3-S5+6 more2023-10-13
CVE-2023-44191 [HIGH] CWE-770 CVE-2023-44191:
An Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS
An Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS).
On all Junos OS QFX5000 Series and EX4000 Series platforms, when a high number of VLANs are configured, a specific DHCP packet will cause PFE hogging which will lead to d
nvd
CVE-2023-44199HIGHCVSS 7.5fixed in 20.4R3-S4≥ 21.1R1, < 21.1*+5 more2023-10-13
CVE-2023-44199 [HIGH] CWE-754 CVE-2023-44199:
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engi
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS).
On Junos MX Series platforms with Precision Time Protocol (PTP) configured, a prolonged routing protocol churn can le
nvd
CVE-2023-44185HIGHCVSS 7.5fixed in 20.4R3-S6≥ 21.1, < 21.1R3-S5+6 more2023-10-13
CVE-2023-44185 [HIGH] CWE-20 CVE-2023-44185:
An Improper Input Validation vulnerability in the routing protocol daemon (rpd) of Juniper Networks
An Improper Input Validation vulnerability in the routing protocol daemon (rpd) of Juniper Networks allows an attacker to cause a Denial of Service (DoS )to the device upon receiving and processing a specific malformed ISO VPN BGP UPDATE packet.
Continued receipt of this packet will cause a sustained Denial of Service condition.
This issue affects:
nvd
CVE-2023-44193MEDIUMCVSS 5.5fixed in 20.4R3-S7≥ 21.1, < 21.1R3-S5+6 more2023-10-13
CVE-2023-44193 [MEDIUM] CWE-401 CVE-2023-44193:
An Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Eng
An Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a local, low privileged attacker to cause an FPC crash, leading to Denial of Service (DoS).
On all Junos MX Series with MPC1 - MPC9, LC480, LC2101, MX10003, and MX80, when Connectivity-Fault-Management (CF
nvd
CVE-2023-44177MEDIUMCVSS 5.5fixed in 19.1R3-S10≥ 19.2, < 19.2R3-S7+11 more2023-10-13
CVE-2023-44177 [MEDIUM] CWE-121 CVE-2023-44177:
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service.
Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition.
This issue affects Juniper Networks:
Junos OS:
* All v
nvd
CVE-2023-44204MEDIUMCVSS 6.5≥ 21.4, < 21.4R3-S4≥ 22.1, < 22.1R3-S3+4 more2023-10-13
CVE-2023-44204 [MEDIUM] CWE-1286 CVE-2023-44204:
An Improper Validation of Syntactic Correctness of Input vulnerability in Routing Protocol Daemon (
An Improper Validation of Syntactic Correctness of Input vulnerability in Routing Protocol Daemon (rpd) Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS).
When a malformed BGP UPDATE packet is received over an established BGP session, the rpd crashes and restarts.
T
nvd
CVE-2023-44203MEDIUMCVSS 6.5fixed in 20.4R3-S5≥ 21.1, < 21.1R3-S4+6 more2023-10-13
CVE-2023-44203 [MEDIUM] CWE-703 CVE-2023-44203:
An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engi
An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600 allows a adjacent attacker to send specific traffic, which leads to packet flooding, resulting in a Denial of Service (DoS).
When a specific IGMP packet
nvd
CVE-2023-44183MEDIUMCVSS 5.3≥ 18.4R2, < 18.4*≥ 20.4, < 20.4R3-S8+8 more2023-10-13
CVE-2023-44183 [MEDIUM] CWE-20 CVE-2023-44183:
An Improper Input Validation vulnerability in the VxLAN packet forwarding engine (PFE) of Juniper N
An Improper Input Validation vulnerability in the VxLAN packet forwarding engine (PFE) of Juniper Networks Junos OS on QFX5000 Series, EX4600 Series devices allows an unauthenticated, adjacent attacker, sending two or more genuine packets in the same VxLAN topology to possibly cause a DMA memory leak to occur under various specific operational condit
nvd
CVE-2023-44184MEDIUMCVSS 6.5fixed in 20.4R3-S7≥ 21.1, < 21.1R1+7 more2023-10-13
CVE-2023-44184 [MEDIUM] CWE-119 CVE-2023-44184:
An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the man
An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated low-privileged attacker, by executing a specific command via NETCONF, to cause a CPU Denial of Service to the device's control plane.
T
nvd
CVE-2023-44201MEDIUMCVSS 5.5fixed in 20.4R3-S4≥ 21.1, < 21.1R3-S4+3 more2023-10-13
CVE-2023-44201 [MEDIUM] CWE-732 CVE-2023-44201:
An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of Junipe
An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of Juniper Networks Junos OS and Junos OS Evolved allows a local authenticated attacker to read configuration changes without having the permissions.
When a user with the respective permissions commits a configuration change, a specific file is created. That f
nvd
CVE-2023-44176MEDIUMCVSS 5.5fixed in 20.4R3-S8≥ 21.2, < 21.2R3-S6+4 more2023-10-13
CVE-2023-44176 [MEDIUM] CWE-121 CVE-2023-44176:
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service.
Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition.
This issue affects Juniper Networks:
Junos OS:
* All versions pri
nvd
CVE-2023-44178MEDIUMCVSS 5.5fixed in 19.1R3-S10≥ 19.2, < 19.2R3-S7+12 more2023-10-13
CVE-2023-44178 [MEDIUM] CWE-121 CVE-2023-44178:
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service.
Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition.
This issue affects Juniper Networks:
Junos OS
* All versions prio
nvd