VYPR

OS Evolved

by Juniper Networks

CVEs (248)

  • CVE-2023-22400HigJan 13, 2023
    risk 0.49cvss 7.5epss 0.01

    An Uncontrolled Resource Consumption vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS). When a specific SNMP GET operation or…

  • CVE-2023-22393HigJan 13, 2023
    risk 0.49cvss 7.5epss 0.01

    An Improper Check for Unusual or Exceptional Conditions vulnerability in BGP route processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to cause Routing Protocol Daemon (RPD) crash by sending a BGP route with invalid next-hop resulting in a Denial of…

  • CVE-2022-22184HigDec 22, 2022
    risk 0.49cvss 7.5epss 0.01

    An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). If a BGP update message is received over an established BGP…

  • CVE-2022-22247HigOct 18, 2022
    risk 0.49cvss 7.5epss 0.01

    An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service (DoS)…

  • CVE-2022-22211HigOct 18, 2022
    risk 0.49cvss 7.5epss 0.01

    A limitless resource allocation vulnerability in FPC resources of Juniper Networks Junos OS Evolved on PTX Series allows an unprivileged attacker to cause Denial of Service (DoS). Continuously polling the SNMP jnxCosQstatTable causes the FPC to run out of GUID space, causing a…

  • CVE-2022-22192HigOct 18, 2022
    risk 0.49cvss 7.5epss 0.01

    An Improper Validation of Syntactic Correctness of Input vulnerability in the kernel of Juniper Networks Junos OS Evolved on PTX series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). When an incoming TCP packet destined to the device is…

  • CVE-2022-22212HigJul 20, 2022
    risk 0.49cvss 7.5epss 0.01

    An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows unauthenticated network based attacker to cause a Denial of Service (DoS). On all Junos Evolved platforms hostbound protocols…

  • CVE-2022-22197HigApr 14, 2022
    risk 0.49cvss 7.5epss 0.01

    An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service (DoS). This…

  • CVE-2022-22195HigApr 14, 2022
    risk 0.49cvss 7.5epss 0.01

    An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service (DoS). This issue affects Juniper Networks Junos OS…

  • CVE-2022-22194HigApr 14, 2022
    risk 0.49cvss 7.5epss 0.01

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the packetIO daemon of Juniper Networks Junos OS Evolved on PTX10003, PTX10004, and PTX10008 allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). Continued receipt of these…

  • CVE-2022-22183HigApr 14, 2022
    risk 0.49cvss 7.5epss 0.01

    An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all…

  • CVE-2022-22159HigJan 19, 2022
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the NETISR network queue functionality of Juniper Networks Junos OS kernel allows an attacker to cause a Denial of Service (DoS) by sending crafted genuine packets to a device. During an attack, the routing protocol daemon (rpd) CPU may reach 100% utilization,…

  • CVE-2021-31383HigOct 19, 2021
    risk 0.49cvss 7.5epss 0.01

    In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol…

  • CVE-2021-31374HigOct 19, 2021
    risk 0.49cvss 7.5epss 0.01

    On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE or KEEPALIVE message can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this message will create…

  • CVE-2021-31353HigOct 19, 2021
    risk 0.49cvss 7.5epss 0.01

    An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). Continued…

  • CVE-2021-31350HigOct 19, 2021
    risk 0.49cvss 7.5epss 0.01

    An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to…

  • CVE-2021-0286HigJul 15, 2021
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the handling of exceptional conditions in Juniper Networks Junos OS Evolved (EVO) allows an attacker to send specially crafted packets to the device, causing the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) process to crash and…

  • CVE-2021-0250HigApr 22, 2021
    risk 0.49cvss 7.5epss 0.01

    In segment routing traffic engineering (SRTE) environments where the BGP Monitoring Protocol (BMP) feature is enable, a vulnerability in the Routing Protocol Daemon (RPD) process of Juniper Networks Junos OS allows an attacker to send a specific crafted BGP update message…

  • CVE-2020-1662HigOct 16, 2020
    risk 0.49cvss 7.5epss 0.01

    On Juniper Networks Junos OS and Junos OS Evolved devices, BGP session flapping can lead to a routing process daemon (RPD) crash and restart, limiting the attack surface to configured BGP peers. This issue only affects devices with BGP damping in combination with…

  • CVE-2020-1648HigJul 17, 2020
    risk 0.49cvss 7.5epss 0.01

    On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific BGP packet can lead to a routing process daemon (RPD) crash and restart. This issue can occur even before the BGP session with the peer is established. Repeated receipt of this specific BGP packet…

Page 4 of 13