Juniper Networks Junos Os vulnerabilities

CVE-2024-39547 [HIGH] CWE-755 CVE-2024-39547: An Improper Handling of Exceptional Conditions vulnerability in the rpd-server of Juniper Networks J An Improper Handling of Exceptional Conditions vulnerability in the rpd-server of Juniper Networks Junos OS and Junos OS Evolved within cRPD allows an unauthenticated network-based attacker sending crafted TCP traffic to the routing engine (RE) to cause a CPU-based Denial of Service (DoS). If specially crafted TCP traffic is received by the control p

CVE-2024-47504 [HIGH] CWE-1287 CVE-2024-47504: An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine (pfe An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine (pfe) Juniper Networks Junos OS on SRX5000 Series allows an unauthenticated, network based attacker to cause a Denial of Service (Dos). When a non-clustered SRX5000 device receives a specifically malformed packet this will cause a flowd crash and restart.

CVE-2024-47501 [MEDIUM] CWE-476 CVE-2024-47501: A NULL Pointer Dereference vulnerability in the packet forwarding engine (pfe) of Juniper Networks A NULL Pointer Dereference vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX304, MX with MPC10/11/LC9600, and EX9200 with EX9200-15C allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). In a VPLS or Junos Fusion scenario, the execution of specific show commands will ca

CVE-2024-47507 [MEDIUM] CWE-754 CVE-2024-47507: An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an integrity impact to the downstream devices. When a peer sends a BGP update message which contains the aggregator attribute with an

CVE-2024-39527 [MEDIUM] CWE-200 CVE-2024-39527: An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line inte An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line interface (CLI) of Juniper Networks Junos OS on SRX Series devices allows a local, low-privileged user with access to the Junos CLI to view the contents of protected files on the file system. Through the execution of crafted CLI commands, a user with lim

CVE-2024-47496 [MEDIUM] CWE-476 CVE-2024-47496: A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks J A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific command is executed, the pfe crashes. This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will cre

CVE-2024-39525 [HIGH] CWE-755 CVE-2024-39525: An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specific BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet wil

CVE-2024-39516 [HIGH] CWE-125 CVE-2024-39516: An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Jun An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create

CVE-2024-39515 [HIGH] CWE-1288 CVE-2024-39515: An Improper Validation of Consistency within Input vulnerability in the routing protocol daemon (rpd An Improper Validation of Consistency within Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing

CVE-2024-39551 [HIGH] CWE-400 CVE-2024-39551: An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway) of An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 and MS-MPC/MIC, allows an unauthenticated network-based attacker to send specific packets causing traffic loss leading to Denial of Service (DoS). Continued receipt and processing of these sp

CVE-2024-39541 [HIGH] CWE-755 CVE-2024-39541: An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). When conflicting information (IP or ISO addresses) about a node is added to the Traffic Engineering (TE) database and then

CVE-2024-39529 [HIGH] CWE-134 CVE-2024-39529: A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If DNS Domain Generation Algorithm (DGA) detection or tunnel detection, and DNS-filtering traceoptions are configured, and spe

CVE-2024-39540 [HIGH] CWE-754 CVE-2024-39540: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engin An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on SRX Series, and MX Series with SPC3 allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When an affected device receives specific valid TCP traffic, the pfe crashes and restarts

CVE-2024-39530 [HIGH] CWE-754 CVE-2024-39530: An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis management daem An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis management daemon (chassisd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an attempt is made to access specific sensors on platforms not supporting these sensors, either via GRPC or netconf, ch

CVE-2024-39543 [HIGH] CWE-120 CVE-2024-39543: A Buffer Copy without Checking Size of Input vulnerability in the routing protocol daemon (rpd) of J A Buffer Copy without Checking Size of Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to send specific RPKI-RTR packets resulting in a crash, creating a Denial of Service (DoS) condition. Continued receipt and processing of this pa

CVE-2024-39545 [HIGH] CWE-754 CVE-2024-39545: An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon (iked) o An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon (iked) of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350 allows allows an unauthenticated, network-based attacker sending specific mismatching parameters as part of the IPsec negotiation to trigger an iked crash leading to Denial of Ser

CVE-2024-39552 [HIGH] CWE-755 CVE-2024-39552: An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (RPD) of An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a network based, unauthenticated attacker to cause the RPD process to crash leading to a Denial of Service (DoS). When a malformed BGP UPDATE packet is received over an established BGP session, RPD

CVE-2024-39549 [HIGH] CWE-401 CVE-2024-39549: A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rp A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial

CVE-2024-39550 [HIGH] CWE-401 CVE-2024-39550: A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of Juniper A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of Juniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause ( which can be done by repeated port flaps) to cause a slow memory leak, ultimately leading to a Denial of Service (DoS). Memory can o

CVE-2024-39542 [HIGH] CWE-1286 CVE-2024-39542: An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engi An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MPC10/11 or LC9600, MX304, and Junos OS Evolved on ACX Series and PTX Series allows an unauthenticated, network based attacker to cause a Denial-of-Service (DoS). This issue can occur in two scen