Juniper Networks Junos OS vulnerabilities

652 known vulnerabilities affecting juniper_networks/junos_os.

Total CVEs: 652
CISA KEV: 7 (actively exploited)
Public exploits: 6
Exploited in wild: 6
Severity breakdown: CRITICAL 34, HIGH 348, MEDIUM 270

Vulnerabilities

Page 7 of 33
CVE-2024-39528 | MEDIUM | CVSS 6.0 | fixed in 21.2R3-S8 | ≥ 21.4, < 21.4R3-S5 | +4 more | 2024-07-11
CVE-2024-39528 [MEDIUM] CWE-416: A Use After Free vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service (DoS). On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and at the same time a specific SNMP request is received
nvd
CVE-2024-39536 | MEDIUM | CVSS 6.0 | fixed in 21.2R3-S8 | ≥ 21.4, < 21.4R3-S7 | +4 more | 2024-07-11
CVE-2024-39536 [MEDIUM] CWE-401: A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet Management Daemon (ppmd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). When a BFD session configured with authentication flaps, ppmd memory can leak. Whether the leak happens
nvd
CVE-2024-39532 | MEDIUM | CVSS 6.3 | fixed in 21.2R3-S9 | ≥ 21.4, < 21.4R3-S9 | +2 more | 2024-07-11
CVE-2024-39532 [MEDIUM] CWE-532: An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to access sensitive information. When another user performs a specific operation, sensitive information is stored as plain text in a specific log file, so that a high-privile
nvd
CVE-2024-39533 | MEDIUM | CVSS 6.9 | fixed in 21.2R3-S7 | ≥ 21.4, < 21.4R3-S6 | +5 more | 2024-07-11
CVE-2024-39533 [MEDIUM] CWE-447: An Unimplemented or Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an unauthenticated, network-based attacker to cause a minor integrity impact to downstream networks. If one or more of the following match conditions ip-source-address ip-destination-address arp-type which are not
nvd
CVE-2024-39539 | MEDIUM | CVSS 6.0 | fixed in 21.2R3-S6 | ≥ 21.4, < 21.4R3-S6 | +5 more | 2024-07-11
CVE-2024-39539 [MEDIUM] CWE-401: A Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). In a subscriber management scenario continuous subscriber logins will trigger a memory leak and eventually lead to an FPC crash and restart. This issue affects
nvd
CVE-2024-39518 | HIGH | CVSS 8.7 | ≥ 21.2R3-S5, < 21.2R3-S7 | ≥ 21.4R3-S4, < 21.4R3-S6 | +4 more | 2024-07-10
CVE-2024-39518 [HIGH] CWE-122: A Heap-based Buffer Overflow vulnerability in the telemetry sensor process (sensord) of Juniper Networks Junos OS on MX240, MX480, MX960 platforms using MPC10E causes a steady increase in memory utilization, ultimately leading to a Denial of Service (DoS). When the device is subscribed to a specific subscription on Junos Telemetry Interface, a slow m
nvd
CVE-2024-39558 | HIGH | CVSS 7.1 | fixed in 20.4R3-S10 | ≥ 21.2, < 21.2R3-S7 | +5 more | 2024-07-10
CVE-2024-39558 [HIGH] CWE-252: An Unchecked Return Value vulnerability in the Routing Protocol Daemon (rpd) on Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows a logically adjacent, unauthenticated attacker sending a specific PIM packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS), when PIM is configured with Multicast-only Fast Re
nvd
CVE-2024-39555 | HIGH | CVSS 8.7 | fixed in 21.4R3-S8 | ≥ 22.2, < 22.2R3-S4 | +4 more | 2024-07-10
CVE-2024-39555 [HIGH] CWE-755: An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sending a specific malformed BGP update message to cause the session to reset, resulting in a Denial of Service (DoS). Continued receipt and processing of these malformed BGP update mess
nvd
CVE-2024-39556 | HIGH | CVSS 7.1 | fixed in 21.4R3-S7 | ≥ 22.1, < 22.1R3-S6 | +5 more | 2024-07-10
CVE-2024-39556 [HIGH] CWE-121: A Stack-Based Buffer Overflow vulnerability in Juniper Networks Junos OS and Juniper Networks Junos OS Evolved may allow a local, low-privileged attacker with access to the CLI the ability to load a malicious certificate file, leading to a limited Denial of Service (DoS) or privileged code execution. By exploiting the 'set security certificates' comma
nvd
CVE-2024-39517 | HIGH | CVSS 7.1 | fixed in 21.2R3-S8 | ≥ 21.4, < 21.4R3-S7 | +6 more | 2024-07-10
CVE-2024-39517 [HIGH] CWE-754: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) on Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS). In an EVPN/VXLAN scenario, when a high amount of specific Layer 2 packets are processed by the device, it can
nvd
CVE-2024-39560 | HIGH | CVSS 7.1 | fixed in 20.4R3-S9 | ≥ 21.2R1, < 21.2* | +6 more | 2024-07-10
CVE-2024-39560 [HIGH] CWE-755: An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent downstream RSVP neighbor to cause kernel memory exhaustion, leading to a kernel crash, resulting in a Denial of Service (DoS). The kernel memory leak and eventual crash will be
nvd
CVE-2024-39554 | HIGH | CVSS 8.2 | ≥ 21.1, < 21.1* | ≥ 21.2, < 21.2R3-S7 | +6 more | 2024-07-10
CVE-2024-39554 [HIGH] CWE-362: A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to inject incremental routing updates when BGP multipath is enabled, causing rpd to crash an
nvd
CVE-2024-39514 | HIGH | CVSS 7.1 | fixed in 20.4R3-S10 | ≥ 21.4, < 21.4R3-S6 | +5 more | 2024-07-10
CVE-2024-39514 [HIGH] CWE-703: An Improper Check or Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). An attacker can send specific traffic to the device, which causes the rpd to crash and restart. Continued receipt of
nvd
CVE-2024-39561 | MEDIUM | CVSS 6.9 | fixed in 21.2R3-S8 | ≥ 21.4, < 21.4R3-S7 | +6 more | 2024-07-10
CVE-2024-39561 [MEDIUM] CWE-754: An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX4600 and SRX5000 Series allows an attacker to send TCP packets with SYN/FIN or SYN/RST flags, bypassing the expected blocking of these packets. A TCP packet with SYN/FIN or SYN/RST should be dropped in flowd. Howeve
nvd
CVE-2024-39511 | MEDIUM | CVSS 6.8 | fixed in 20.4R3-S10 | ≥ 21.2, < 21.2R3-S7 | +6 more | 2024-07-10
CVE-2024-39511 [MEDIUM] CWE-20: An Improper Input Validation vulnerability in the 802.1X Authentication (dot1x) Daemon of Juniper Networks Junos OS allows a local, low-privileged attacker with access to the CLI to cause a Denial of Service (DoS). On running a specific operational dot1x command, the dot1x daemon crashes. An attacker can cause a sustained DoS condition by running th
nvd
CVE-2024-21586 | HIGH | CVSS 7.5 | ≥ 21.4, < 21.4R3-S7.9 | ≥ 22.1, < 22.1R3-S5.3 | +6 more | 2024-07-01
CVE-2024-21586 [HIGH] CWE-754: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series and NFX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an affected device receives specific valid traffic destined to the device, it will cause the PFE
nvd
CVE-2024-30380 | HIGH | CVSS 7.1 | fixed in 20.4R3-S9 | ≥ 21.2, < 21.2R3-S7 | +7 more | 2024-04-16
CVE-2024-30380 [HIGH] CWE-755: An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS), which causes the l2cpd process to crash by sending a specific TLV. The l2cpd process is responsible for layer 2 control protocols, such as STP, RSTP, MSTP, VSTP,
nvd
CVE-2024-30378 | MEDIUM | CVSS 6.9 | fixed in 20.4R3-S5 | ≥ 21.1, < 21.1R3-S4 | +6 more | 2024-04-16
CVE-2024-30378 [MEDIUM] CWE-416: A Use After Free vulnerability in command processing of Juniper Networks Junos OS on MX Series allows a local, authenticated attacker to cause the broadband edge service manager daemon (bbe-smgd) to crash upon execution of specific CLI commands, creating a Denial of Service (DoS) condition. The process crashes and restarts automatically. When speci
nvd
CVE-2024-30382 | HIGH | CVSS 8.7 | fixed in 20.4R3-S10 | ≥ 21.2, < 21.2R3-S8 | +3 more | 2024-04-12
CVE-2024-30382 [HIGH] CWE-755: An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to send a specific routing update, causing an rpd core due to memory corruption, leading to a Denial of Service (DoS). This issue can only be triggered whe
nvd
CVE-2024-21605 | HIGH | CVSS 7.1 | ≥ 21.2R3-S3, < 21.2R3-S6 | ≥ 22.1R3, < 22.1R3-S4 | +4 more | 2024-04-12
CVE-2024-21605 [HIGH] CWE-668: An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). Specific valid link-local traffic is not blocked on ports in STP blocked state but is instead sent to the control plane of the devi
nvd