Juniper Networks Junos OS Evolved vulnerabilities

244 known vulnerabilities affecting juniper_networks/junos_os_evolved.

Total CVEs: 244
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 146, MEDIUM 96

Vulnerabilities

Page 8 of 13
CVE-2023-44189 | MEDIUM | CVSS 5.4 | fixed in 21.4R3-S4-EVO; ≥ 22.1, < 22.1R3-S3-EVO; +4 more | 2023-10-11
CWE-346: An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10003 Series allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to this issue, the router will start forwarding traffic if
Sources: cvelistv5, nvd
CVE-2023-36849 | MEDIUM | CVSS 6.5 | ≥ 21.4, < 21.4R3-S2-EVO; ≥ 22.1, < 22.1R3-S3-EVO; +2 more | 2023-07-14
CWE-703: An Improper Check or Handling of Exceptional Conditions vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). When a malformed LLDP packet is received, l2cpd will crash and restart. The impact of the l2cpd crash
Sources: cvelistv5, nvd
CVE-2023-36840 | MEDIUM | CVSS 5.5 | ≥ unspecified, < 20.4R3-S7-EVO; ≥ 21.1, < 21.1R3-S3-EVO; +6 more | 2023-07-14
CWE-617: A Reachable Assertion vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a locally-based, low-privileged attacker to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved, when a specific L2VPN command is run, RPD will crash and restart. Continued execution of this specific comman
Sources: cvelistv5, nvd
CVE-2023-36836 | MEDIUM | CVSS 4.7 | ≥ unspecified, < 20.4R3-S6-EVO; ≥ 21.1, < 21.1*; +5 more | 2023-07-14
CWE-908: A Use of an Uninitialized Resource vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, in a Multicast only Fast Reroute (MoFRR) scenario, the rpd process can
Sources: cvelistv5, nvd
CVE-2023-36833 | MEDIUM | CVSS 6.5 | ≥ 21.2, < 21.2*; ≥ 21.3, < 21.3*; +5 more | 2023-07-14
CWE-416: A Use After Free vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS Evolved on PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202 allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). The process 'aftman-bt' will crash after multiple flaps on a multicast-only fast reroute (MoFRR
Sources: cvelistv5, nvd
CVE-2023-0026 | HIGH | CVSS 7.5 | ≥ unspecified, < 20.4R3-S8-EVO; ≥ 21.1R1-EVO, < 21.1*; +8 more | 2023-06-21
CWE-20: An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a BGP update message is received over an established BGP session, and that message contains a specific, optional transitive attribute, t
Sources: cvelistv5, nvd
CVE-2023-28982 | HIGH | CVSS 7.5 | ≥ 20.3R1-EVO, < 20.3-EVO*; ≥ 20.4-EVO, < 20.4R3-S6-EVO; +2 more | 2023-04-17
CWE-401: A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). In a BGP rib sharding scenario, when an attribute of an active BGP route is updated memory will leak. As rpd memory usa
Sources: cvelistv5, nvd
CVE-2023-28960 | HIGH | CVSS 8.2 | ≥ 20.4, < 20.4R3-S5-EVO; ≥ 21.2, < 21.2R3-EVO; +2 more | 2023-04-17
CWE-732: An Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Networks Junos OS Evolved allows a local, authenticated low-privileged attacker to copy potentially malicious files into an existing Docker container on the local system. A follow-on administrator could then inadvertently start the Docker container leading to the maliciou
Sources: cvelistv5, nvd
CVE-2023-28967 | HIGH | CVSS 7.5 | ≥ 21.1R1-EVO, < 21.1-EVO*; ≥ 21.4-EVO, < 21.4R3-EVO; +2 more | 2023-04-17
CWE-908: A Use of Uninitialized Resource vulnerability in the Border Gateway Protocol (BGP) software of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to send specific genuine BGP packets to a device configured with BGP to cause a Denial of Service (DoS) by crashing the Routing Protocol Daemon (rpd). This issue
Sources: cvelistv5, nvd
CVE-2023-28973 | HIGH | CVSS 7.1 | ≥ unspecified, < 20.4R3-S5-EVO; ≥ 21.2, < 21.2R3-EVO; +2 more | 2023-04-17
CWE-285: An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks Junos OS Evolved allows a local, authenticated attacker to execute administrative commands that could impact the integrity of the system or system availability. Administrative functions such as daemon restarting, routing engine (RE) switchover, and node shutdo
Sources: cvelistv5, nvd
CVE-2023-28966 | HIGH | CVSS 7.8 | ≥ unspecified, < 20.4R3-S5-EVO; ≥ 21.2, < 21.2R3-EVO; +1 more | 2023-04-17
CWE-276: An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS Evolved allows a low-privileged local attacker with shell access to modify existing files or execute commands as root. The issue is caused by improper file and directory permissions on certain system files, allowing an attacker with access to these files and folders to inject
Sources: cvelistv5, nvd
CVE-2023-28964 | HIGH | CVSS 7.5 | ≥ unspecified, < 20.1R3-EVO; ≥ 20.2, < 20.2R2-EVO; +1 more | 2023-04-17
CWE-130: An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network based, unauthenticated attacker to cause an RPD crash leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service
Sources: cvelistv5, nvd
CVE-2023-28983 | HIGH | CVSS 8.8 | ≥ 21.4R1-EVO, < 21.4*; ≥ 22.1, < 22.1R1-EVO | 2023-04-17
CWE-78: An OS Command Injection vulnerability in gRPC Network Operations Interface (gNOI) server module of Juniper Networks Junos OS Evolved allows an authenticated, low privileged, network based attacker to inject shell commands and execute code. This issue affects Juniper Networks Junos OS Evolved 21.4 version 21.4R1-EVO and later versions prior to 22.1R1-EV
Sources: cvelistv5, nvd
CVE-2023-28978 | MEDIUM | CVSS 5.3 | ≥ 21.3R1-EVO, < 21.3-EVO*; ≥ 21.4-EVO, < 21.4R3-S1-EVO; +2 more | 2023-04-17
CWE-1188: An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to read certain confidential information. In the default configuration it is possible to read confidential information about locally configured (administrative) users of the affected system. This issue
Sources: cvelistv5, nvd
CVE-2023-28981 | MEDIUM | CVSS 6.5 | ≥ 20.3R1-EVO, < 20.3-EVO*; ≥ 20.4-EVO, < 20.4R3-S6-EVO; +3 more | 2023-04-17
CWE-20: An Improper Input Validation vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If the receipt of router advertisements is enabled on an interface and a specifically malformed RA packet is received, memory corruption will happen which leads to
Sources: cvelistv5, nvd
CVE-2023-28980 | MEDIUM | CVSS 5.5 | ≥ 20.4R3-S1-EVO, < 20.4R3-S6-EVO; ≥ 21.2R1-S2-EVO, < 21.2R3-S4-EVO; +3 more | 2023-04-17
CWE-416: A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service (DoS). In a rib sharding scenario the rpd process will crash shortly after specific CLI command is issued. This issue is more likely to occur in a scena
Sources: cvelistv5, nvd
CVE-2023-22400 | HIGH | CVSS 7.5 | ≥ unspecified, < 20.4R3-S3-EVO; ≥ 21.1R1-EVO, < 21.1-EVO*; +3 more | 2023-01-13
CWE-400: An Uncontrolled Resource Consumption vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS). When a specific SNMP GET operation or a specific CLI command is executed this will cause a GUID resource leak, e
Sources: cvelistv5, nvd
CVE-2023-22393 | HIGH | CVSS 7.5 | ≥ 21.4-EVO, < 21.4R2-S2-EVO, 21.4R3-EVO; ≥ 22.1-EVO, < 22.1R1-S2-EVO, 22.1R2-EVO; +1 more | 2023-01-13
CWE-358: An Improper Check for Unusual or Exceptional Conditions vulnerability in BGP route processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to cause Routing Protocol Daemon (RPD) crash by sending a BGP route with invalid next-hop resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create
Sources: cvelistv5, nvd
CVE-2023-22401 | HIGH | CVSS 7.5 | ≥ 21.3R3-EVO, < 21.3-EVO*; ≥ 21.4R1-S2-EVO, 21.4R2-EVO, < 21.4-EVO*; +2 more | 2023-01-13
CWE-129: An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemon (aftmand) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On the PTX10008 and PTX10016 platforms running Junos OS or Junos OS Evolved, when a specific SNMP MIB is
Sources: cvelistv5, nvd
CVE-2023-22407 | MEDIUM | CVSS 6.5 | ≥ unspecified, < 19.2R3-EVO; ≥ 19.3, < 19.3R3-EVO; +3 more | 2023-01-13
CWE-459: An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). An rpd crash can occur when an MPLS TE tunnel configuration change occurs on a directly connected router. This issue affects: Juniper Networks Juno
Sources: cvelistv5, nvd