Juniper Networks Junos Os vulnerabilities

CVE-2022-22163 [MEDIUM] CWE-20 CVE-2022-22163: An Improper Input Validation vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks J An Improper Input Validation vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial of Service (DoS). If a device is configured as DHCPv6 local server and persistent storage is enabled, jdhcpd will crash when receiving a specific DHCPv6

CVE-2022-22179 [MEDIUM] CWE-20 CVE-2022-22179: A Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Juniper A Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial of Service (DoS). In a scenario where DHCP relay or local server is configured the problem can be triggered if

CVE-2021-31382 [CRITICAL] CWE-362 CVE-2021-31382: On PTX1000 System, PTX10002-60C System, after upgrading to an affected release, a Race Condition vul On PTX1000 System, PTX10002-60C System, after upgrading to an affected release, a Race Condition vulnerability between the chassis daemon (chassisd) and firewall process (dfwd) of Juniper Networks Junos OS, may update the device's interfaces with incorrect firewall filters. This issue only occurs when upgrading the device to an affected version of

CVE-2021-31384 [CRITICAL] CWE-285 CVE-2021-31384: Due to a Missing Authorization weakness and Insufficient Granularity of Access Control in a specific Due to a Missing Authorization weakness and Insufficient Granularity of Access Control in a specific device configuration, a vulnerability exists in Juniper Networks Junos OS on SRX Series whereby an attacker who attempts to access J-Web administrative interfaces can successfully do so from any device interface regardless of the web-management con

CVE-2021-31372 [HIGH] CWE-20 CVE-2021-31372: An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally au An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated J-Web attacker to escalate their privileges to root over the target device. This issue affects: Juniper Networks Junos OS All versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior

CVE-2021-31353 [HIGH] CWE-755 CVE-2021-31353: An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). Continued receipt and processing of the BGP update will create a sustained Denial of Serv

CVE-2021-31383 [HIGH] CWE-121 CVE-2021-31383: In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neig In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved sent by a rem

CVE-2021-31354 [HIGH] CWE-125 CVE-2021-31354: An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager) may allow an attacker to cause a partial Denial of Service (DoS), or lead to remote code execution (RCE). The vulnerability

CVE-2021-31351 [HIGH] CWE-754 CVE-2021-31351: An Improper Check for Unusual or Exceptional Conditions in packet processing on the MS-MPC/MS-MIC ut An Improper Check for Unusual or Exceptional Conditions in packet processing on the MS-MPC/MS-MIC utilized by Juniper Networks Junos OS allows a malicious attacker to send a specific packet, triggering the MS-MPC/MS-MIC to reset, causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Servic

CVE-2021-31385 [HIGH] CWE-22 CVE-2021-31385: An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in J An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in J-Web of Juniper Networks Junos OS allows any low-privileged authenticated attacker to elevate their privileges to root. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 18.3 versions pri

CVE-2021-31360 [HIGH] CWE-20 CVE-2021-31360: An improper privilege management vulnerability in the Juniper Networks Junos OS and Junos OS Evolved An improper privilege management vulnerability in the Juniper Networks Junos OS and Junos OS Evolved command-line interpreter (CLI) allows a low-privileged user to overwrite local files as root, possibly leading to a system integrity issue or Denial of Service (DoS). Depending on the files overwritten, exploitation of this vulnerability could lead to a

CVE-2021-31350 [HIGH] CWE-269 CVE-2021-31350: An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET servic

CVE-2021-31374 [HIGH] CWE-787 CVE-2021-31374: On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE or KEEPALIVE message can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this message will create a sustained Denial of Service (DoS) condition. This issue affects both IBGP

CVE-2021-31378 [HIGH] CWE-772 CVE-2021-31378: In broadband environments, including but not limited to Enhanced Subscriber Management, (CHAP, PPP, In broadband environments, including but not limited to Enhanced Subscriber Management, (CHAP, PPP, DHCP, etc.), on Juniper Networks Junos OS devices where RADIUS servers are configured for managing subscriber access and a subscriber is logged in and then requests to logout, the subscriber may be forced into a "Terminating" state by an attacker who is

CVE-2021-31368 [HIGH] CWE-400 CVE-2021-31368: An Uncontrolled Resource Consumption vulnerability in the kernel of Juniper Networks JUNOS OS allows An Uncontrolled Resource Consumption vulnerability in the kernel of Juniper Networks JUNOS OS allows an unauthenticated network based attacker to cause 100% CPU load and the device to become unresponsive by sending a flood of traffic to the out-of-band management ethernet port. Continued receipted of a flood will create a sustained Denial of Service (

CVE-2021-0299 [HIGH] CWE-755 CVE-2021-0299: An Improper Handling of Exceptional Conditions vulnerability in the processing of a transit or direc An Improper Handling of Exceptional Conditions vulnerability in the processing of a transit or directly received malformed IPv6 packet in Juniper Networks Junos OS results in a kernel crash, causing the device to restart, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS)

CVE-2021-31379 [HIGH] CWE-696 CVE-2021-31379: An Incorrect Behavior Order vulnerability in the MAP-E automatic tunneling mechanism of Juniper Netw An Incorrect Behavior Order vulnerability in the MAP-E automatic tunneling mechanism of Juniper Networks Junos OS allows an attacker to send certain malformed IPv4 or IPv6 packets to cause a Denial of Service (DoS) to the PFE on the device which is disabled as a result of the processing of these packets. Continued receipt and processing of these malfo

CVE-2021-31359 [HIGH] CWE-121 CVE-2021-31359: A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to cause the Juniper DHCP daemon (jdhcpd) process to crash, resulting in a Denial of Service (DoS), or execute arbitrary commands as root. Continued processing of malicious input will repeatedly crash the system and sustain t

CVE-2021-31363 [MEDIUM] CWE-835 CVE-2021-31363: In an MPLS P2MP environment a Loop with Unreachable Exit Condition vulnerability in the routing prot In an MPLS P2MP environment a Loop with Unreachable Exit Condition vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause high load on RPD which in turn may lead to routing protocol flaps. If a system with sensor-based-stats enabled receives a specific

CVE-2021-31386 [MEDIUM] CWE-300 CVE-2021-31386: A Protection Mechanism Failure vulnerability in the J-Web HTTP service of Juniper Networks Junos OS A Protection Mechanism Failure vulnerability in the J-Web HTTP service of Juniper Networks Junos OS allows a remote unauthenticated attacker to perform Person-in-the-Middle (PitM) attacks against the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S20; 15.1 versions prior to 15.1R7-S11; 18.3 versions prior to 18.3