Juniper Networks Junos OS vulnerabilities
652 known vulnerabilities affecting juniper_networks/junos_os.
Total CVEs: 652
CISA KEV: 7 actively exploited
Public exploits: 6
Exploited in wild: 6
Severity breakdown: CRITICAL 34, HIGH 348, MEDIUM 270
Vulnerabilities
Page 15 of 33
CVE-2022-22234 | MEDIUM | CVSS 5.5 | CWE-1250 | ≥ unspecified, < 18.4R3-S11; ≥ 19.1, < 19.1R3-S9; +11 more | 2022-10-18
Junos OS: EX2300 and EX3400 Series: One of more SFPs might become unavailable when the system is very busy
An Improper Preservation of Consistency Between Independent Representations of Shared State vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to cause a Denial o
cvelistv5
CVE-2022-22240 | MEDIUM | CVSS 5.5 | CWE-401 | ≥ 19.4, < 19.4R3-S9; ≥ 20.2, < 20.2R3-S5; +5 more | 2022-10-18
An Allocation of Resources Without Limits or Throttling and a Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated low privileged attacker to cause a Denial of Service (DoS). In a high-scaled BGP routing environment with r
nvd
CVE-2022-22244 | MEDIUM | CVSS 5.3 | CWE-91 | ≥ unspecified, < 19.1R3-S9; ≥ 19.2, < 19.2R3-S6; +11 more | 2022-10-18
An XPath Injection vulnerability in the J-Web component of Juniper Networks Junos OS allows an unauthenticated attacker sending a crafted POST to reach the XPath channel, which may allow chaining to other unspecified vulnerabilities, leading to a partial loss of confidentiality. This issue affects Juniper Networks Junos OS: all versions prior to 19.1
nvd
CVE-2022-22249 | MEDIUM | CVSS 6.5 | CWE-664 | ≥ unspecified, < 15.1R7-S13; ≥ 19.1, < 19.1R3-S9; +10 more | 2022-10-18
An Improper Control of a Resource Through its Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). When there is a continuous MAC move, a memory corruption causes one or more FPCs to crash and reboot. These MAC moves can b
nvd
CVE-2022-22220 | MEDIUM | CVSS 5.9 | CWE-367 | ≥ 18.4, < 18.4R2-S10, 18.4R3-S10; ≥ 19.1, < 19.1R3-S7; +6 more | 2022-10-18
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS, Junos OS Evolved allows a network-based unauthenticated attacker to cause a Denial of Service (DoS). When a BGP flow route with redirect IP extended community is received, and the reachability to the next-hop of the corres
nvd
CVE-2022-22224 | MEDIUM | CVSS 6.5 | CWE-703 | ≥ unspecified, < 19.1R3-S9; ≥ 19.2, < 19.2R3-S5; +7 more | 2022-10-18
An Improper Check or Handling of Exceptional Conditions vulnerability in the processing of a malformed OSPF TLV in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause the periodic packet management daemon (PPMD) process to go into an infinite loop, which in turn can cause protocols and functions relian
nvd
CVE-2022-22208 | MEDIUM | CVSS 5.9 | CWE-416 | ≥ unspecified, < 18.4R2-S9, 18.4R3-S11; ≥ 19.1, < 19.1R3-S8; +9 more | 2022-10-18
A Use After Free vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause Denial of Service (DoS). When a BGP session flap happens, a Use After Free of a memory location that was assigned to another object can occur, which will lead to an rpd crash.
nvd
CVE-2022-22225 | MEDIUM | CVSS 5.9 | CWE-367 | ≥ 20.2, < 20.2R3-S4; ≥ 20.3, < 20.3R3-S3; +4 more | 2022-10-18
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated attacker with an established BGP session to cause a Denial of Service (DoS). In a BGP multipath scenario, when one of the contributing routes is flapping often and rapidly,
nvd
CVE-2022-22219 | MEDIUM | CVSS 5.9 | CWE-241 | ≥ 21.3, < 21.3R3-S2; ≥ 21.4, < 21.4R2-S2, 21.4R3; +2 more | 2022-10-18
Due to the Improper Handling of an Unexpected Data Type in the processing of EVPN routes on Juniper Networks Junos OS and Junos OS Evolved, an attacker in direct control of a BGP client connected to a route reflector, or via a machine in the middle (MITM) attack, can send a specific EVPN route contained within a BGP Update, triggering a routing proto
nvd
CVE-2022-22233 | MEDIUM | CVSS 5.5 | CWE-690 | ≥ 21.4, < 21.4R1-S2, 21.4R2-S1, 21.4R3; ≥ 22.1, < 22.1R2 | 2022-10-18
An Unchecked Return Value to NULL Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). In a Segment Routing (SR) to Label Distribution Protocol (LDP) interworking scenario, configured with Segm
nvd
CVE-2022-22230 | MEDIUM | CVSS 6.5 | CWE-20 | ≥ 19.2, < 19.2R3-S6; ≥ 19.3R2, < 19.3*; +9 more | 2022-10-18
An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause DoS (Denial of Service). If another router generates more than one specific valid OSPFv3 LSA then rpd will crash while processing these LSAs. This issue only affects syst
nvd
CVE-2022-22242 | MEDIUM | CVSS 6.1 | PoC | CWE-79 | ≥ unspecified, < 19.1R3-S9; ≥ 19.2, < 19.2R3-S6; +11 more | 2022-10-18
A Cross-site Scripting (XSS) vulnerability in the J-Web component of Juniper Networks Junos OS allows an unauthenticated attacker to run malicious scripts reflected off of J-Web to the victim's browser in the context of their session within J-Web. This issue affects Juniper Networks Junos OS all versions prior to 19.1R3-S9; 19.2 versions prior to 19.
nvd
CVE-2022-22238 | MEDIUM | CVSS 6.5 | CWE-754 | ≥ unspecified, < 19.2R3-S6; ≥ 19.3, < 19.3R3-S6; +8 more | 2022-10-18
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When an incoming RESV message corresponding to a protected LSP is malformed, it causes an incorrect internal state
nvd
CVE-2022-22237 | MEDIUM | CVSS 6.5 | CWE-287 | ≥ 21.2, < 21.2R3-S1; ≥ 21.3, < 21.3R2-S2, 21.3R3; +2 more | 2022-10-18
An Improper Authentication vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause an impact on confidentiality or integrity. A vulnerability in the processing of TCP-AO will allow a BGP or LDP peer not configured with authentication to establish a session even if the peer is locally config
nvd
CVE-2022-22206 | HIGH | CVSS 7.5 | CWE-120 | ≥ 20.2, < 20.2R3-S4; ≥ 20.3, < 20.3R3-S3; +5 more | 2022-07-20
A Buffer Overflow vulnerability in the PFE of Juniper Networks Junos OS on SRX series allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). The PFE will crash when specific traffic is scanned by the Enhanced Web Filtering safe-search feature of UTM (Unified Threat Management). Continued receipt of this specific traffic will
nvd
CVE-2022-22205 | HIGH | CVSS 7.5 | CWE-401 | ≥ 20.3, < 20.3R3-S2; ≥ 20.4, < 20.4R3-S2; +3 more | 2022-07-20
A Missing Release of Memory after Effective Lifetime vulnerability in the Application Quality of Experience (appqoe) subsystem of the PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated network based attacker to cause a Denial of Service (DoS). Upon receiving specific traffic a memory leak will occur. Sustained processing of such
nvd
CVE-2022-22209 | HIGH | CVSS 7.5 | CWE-401 | ≥ 21.2, < 21.2R3; ≥ 21.3, < 21.3R2-S1, 21.3R3; +1 more | 2022-07-20
A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a Denial of Service (DoS). On all Junos platforms, the Kernel Routing Table (KRT) queue can get stuck due to a memory leak triggered by interface flaps or route churn leading to RIB and
nvd
CVE-2022-22207 | HIGH | CVSS 7.5 | CWE-416 | ≥ 20.1R1, < 20.1*; ≥ 20.2, < 20.2R3-S5; +4 more | 2022-07-20
A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). Continued gathering of AF interface statistics
nvd
CVE-2022-22221 | HIGH | CVSS 7.8 | ≥ unspecified, < 19.1R3-S9; ≥ 19.2, < 19.2R1-S9, 19.2R3-S5; +10 more | 2022-07-20
An Improper Neutralization of Special Elements vulnerability in the download manager of Juniper Networks Junos OS on SRX Series and EX Series allows a locally authenticated attacker with low privileges to take full control over the device. One aspect of this vulnerability is that the attacker needs to be able to execute any of the "request ..." or "show syste
nvd
CVE-2022-22214 | MEDIUM | CVSS 6.5 | CWE-20 | ≥ unspecified, < 12.3R12-S21; ≥ 15.1, < 15.1R7-S10; +12 more | 2022-07-20
An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent attacker to cause a PFE crash and thereby a Denial of Service (DoS). An FPC will crash and reboot after receiving a specific transit IPv6 packet over MPLS. Continued receipt of this packet will create a
nvd