VYPR

OS Evolved

by Juniper Networks

CVEs (248)

  • CVE-2024-30406MedApr 12, 2024
    risk 0.36cvss 5.5epss 0.00

    A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on network devices allows a local, authenticated attacker with high privileges to read all other users…

  • CVE-2023-44177MedOct 13, 2023
    risk 0.36cvss 5.5epss 0.00

    A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service…

  • CVE-2023-36840MedJul 14, 2023
    risk 0.36cvss 5.5epss 0.00

    A Reachable Assertion vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a locally-based, low-privileged attacker to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved, when a specific L2VPN command is run,…

  • CVE-2023-28980MedApr 17, 2023
    risk 0.36cvss 5.5epss 0.00

    A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service (DoS). In a rib sharding scenario the rpd process will crash shortly after…

  • CVE-2022-22240MedOct 18, 2022
    risk 0.36cvss 5.5epss 0.00

    An Allocation of Resources Without Limits or Throttling and a Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated low privileged attacker to cause a…

  • CVE-2022-22233MedOct 18, 2022
    risk 0.36cvss 5.5epss 0.00

    An Unchecked Return Value to NULL Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). In Segment Routing (SR) to Label…

  • CVE-2022-22193MedApr 14, 2022
    risk 0.36cvss 5.5epss 0.00

    An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). Continued execution of this command…

  • CVE-2020-1624MedApr 8, 2020
    risk 0.36cvss 5.5epss 0.00

    A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via raw objmon configuration files. This issue affects all versions of Junos OS Evolved prior to 19.1R1.

  • CVE-2020-1623MedApr 8, 2020
    risk 0.36cvss 5.5epss 0.00

    A local, authenticated user with shell can view sensitive configuration information via the ev.ops configuration file. This issue affects all versions of Junos OS Evolved prior to 19.2R1.

  • CVE-2020-1622MedApr 8, 2020
    risk 0.36cvss 5.5epss 0.00

    A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via the EvoSharedObjStore. This issue affects all versions of Junos OS Evolved prior to 19.1R1.

  • CVE-2020-1621MedApr 8, 2020
    risk 0.36cvss 5.5epss 0.00

    A local, authenticated user with shell can obtain the hashed values of login passwords via configd traces. This issue affects all versions of Junos OS Evolved prior to 19.3R1.

  • CVE-2020-1620MedApr 8, 2020
    risk 0.36cvss 5.5epss 0.00

    A local, authenticated user with shell can obtain the hashed values of login passwords via configd streamer log. This issue affects all versions of Junos OS Evolved prior to 19.3R1.

  • CVE-2025-60010MedOct 9, 2025
    risk 0.35cvss 5.4epss 0.00

    A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change. Affected devices allow logins by users for whom the RADIUS…

  • CVE-2025-60006MedOct 9, 2025
    risk 0.35cvss 5.3epss 0.01

    Multiple instances of an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the CLI of Juniper Networks Junos OS Evolved could be used to elevate privileges and/or execute unauthorized commands. When an attacker…

  • CVE-2024-39534MedOct 11, 2024
    risk 0.35cvss 5.4epss 0.01

    An Incorrect Comparison vulnerability in the local address verification API of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker to create sessions or send traffic to the device using the network and broadcast address of the subnet assigned…

  • CVE-2023-44195MedOct 13, 2023
    risk 0.35cvss 5.4epss 0.00

    An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the NetworkStack agent daemon (nsagentd) of Juniper Networks Junos OS Evolved allows an unauthenticated network based attacker to cause limited impact to the availability of the system. If…

  • CVE-2022-22177MedJan 19, 2022
    risk 0.35cvss 5.3epss 0.01

    A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daemon causing a sustained Denial of Service (DoS) to the service until it is manually restarted. This issue impacts any version of…

  • CVE-2021-0273MedApr 22, 2021
    risk 0.35cvss 5.3epss 0.01

    An always-incorrect control flow implementation in the implicit filter terms of Juniper Networks Junos OS and Junos OS Evolved on ACX5800, EX9200 Series, MX10000 Series, MX240, MX480, MX960 devices with affected Trio line cards allows an attacker to exploit an interdependency in…

  • CVE-2025-59962MedOct 9, 2025
    risk 0.34cvss 5.3epss 0.00

    An Access of Uninitialized Pointer vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved with BGP sharding configured allows an attacker triggering indirect next-hop updates, along with timing outside the attacker's control, to…

  • CVE-2025-52985MedJul 11, 2025
    risk 0.34cvss 5.3epss 0.00

    A Use of Incorrect Operator vulnerability in the Routing Engine firewall of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to bypass security restrictions. When a firewall filter which is applied to the lo0 or re:mgmt interface references a…