VYPR

OS Evolved

by Juniper Networks

CVEs (248)

  • CVE-2020-1646HigJul 17, 2020
    risk 0.49cvss 7.5epss 0.01

    On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific UPDATE for an EBGP peer can lead to a routing process daemon (RPD) crash and restart. This issue occurs only when the device is receiving and processing the BGP UPDATE for an EBGP peer. This issue…

  • CVE-2020-1644HigJul 17, 2020
    risk 0.49cvss 7.5epss 0.01

    On Juniper Networks Junos OS and Junos OS Evolved devices, the receipt of a specific BGP UPDATE packet causes an internal counter to be incremented incorrectly, which over time can lead to the routing protocols process (RPD) crash and restart. This issue affects both IBGP and…

  • CVE-2020-1638HigApr 8, 2020
    risk 0.49cvss 7.5epss 0.01

    The FPC (Flexible PIC Concentrator) of Juniper Networks Junos OS and Junos OS Evolved may restart after processing a specific IPv4 packet. Only packets destined to the device itself, successfully reaching the RE through existing edge and control plane filtering, will be able to…

  • CVE-2020-1626HigApr 8, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in Juniper Networks Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS) by sending a high rate of specific packets to the device, resulting in a pfemand process crash. The pfemand process is responsible for packet forwarding on the device.…

  • CVE-2026-33797HigApr 9, 2026
    risk 0.48cvss 7.4epss 0.00

    An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service (DoS). …

  • CVE-2025-30648HigApr 9, 2025
    risk 0.48cvss 7.4epss 0.00

    An Improper Input Validation vulnerability in the Juniper DHCP Daemon (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause the jdhcpd process to crash resulting in a Denial of Service (DoS). When a specifically…

  • CVE-2021-0259HigApr 22, 2021
    risk 0.48cvss 7.4epss 0.00

    Due to a vulnerability in DDoS protection in Juniper Networks Junos OS and Junos OS Evolved on QFX5K Series switches in a VXLAN configuration, instability might be experienced in the underlay network as a consequence of exceeding the default ddos-protection aggregate threshold.…

  • CVE-2024-39546HigJul 11, 2024
    risk 0.47cvss 7.3epss 0.00

    A Missing Authorization vulnerability in the Socket Intercept (SI) command file interface of Juniper Networks Junos OS Evolved allows an authenticated, low-privilege local attacker to modify certain files, allowing the attacker to cause any command to execute with root…

  • CVE-2023-44182HigOct 13, 2023
    risk 0.47cvss 7.3epss 0.01

    An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Management Protocol, the NETCONF Management Protocol, the gNMI interfaces, and the J-Web User Interfaces causes unintended effects…

  • CVE-2022-22248HigOct 18, 2022
    risk 0.47cvss 7.3epss 0.00

    An Incorrect Permission Assignment vulnerability in shell processing of Juniper Networks Junos OS Evolved allows a low-privileged local user to modify the contents of a configuration file which could cause another user to execute arbitrary commands within the context of the…

  • CVE-2023-28973HigApr 17, 2023
    risk 0.46cvss 7.1epss 0.00

    An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks Junos OS Evolved allows a local, authenticated attacker to execute administrative commands that could impact the integrity of the system or system availability. Administrative functions…

  • CVE-2021-31360HigOct 19, 2021
    risk 0.46cvss 7.1epss 0.00

    An improper privilege management vulnerability in the Juniper Networks Junos OS and Junos OS Evolved command-line interpreter (CLI) allows a low-privileged user to overwrite local files as root, possibly leading to a system integrity issue or Denial of Service (DoS). Depending…

  • CVE-2021-31354HigOct 19, 2021
    risk 0.46cvss 7.1epss 0.01

    An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager) may allow an attacker to cause a partial Denial…

  • CVE-2021-0226HigApr 22, 2021
    risk 0.46cvss 7.1epss 0.01

    On Juniper Networks Junos OS Evolved devices, receipt of a specific IPv6 packet may cause an established IPv6 BGP session to terminate, creating a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS)…

  • CVE-2020-1602HigJan 15, 2020
    risk 0.46cvss 7.1epss 0.01

    When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv4 packets who may remotely take over the code execution of the…

  • CVE-2026-33791MedApr 9, 2026
    risk 0.44cvss 6.7epss 0.01

    An OS Command Injection vulnerability in the CLI processing of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker executing specific, crafted CLI commands to inject arbitrary shell commands as root, leading to a complete compromise of the…

  • CVE-2025-52988MedJul 11, 2025
    risk 0.44cvss 6.7epss 0.00

    An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a high privileged, local attacker to escalated their privileges to root. When a user provides…

  • CVE-2024-47495MedOct 11, 2024
    risk 0.44cvss 6.7epss 0.00

    An Authorization Bypass Through User-Controlled Key vulnerability allows a locally authenticated attacker with shell access to gain full control of the device when Dual Routing Engines (REs) are in use on Juniper Networks Junos OS Evolved devices. This issue affects: Juniper…

  • CVE-2024-39512MedJul 10, 2024
    risk 0.43cvss 6.6epss 0.00

    An Improper Physical Access Control vulnerability in the console port control of Juniper Networks Junos OS Evolved allows an attacker with physical access to the device to get access to a user account. When the console cable is disconnected, the logged in user is not logged…

  • CVE-2020-1666MedOct 16, 2020
    risk 0.43cvss 6.6epss 0.00

    The system console configuration option 'log-out-on-disconnect' In Juniper Networks Junos OS Evolved fails to log out an active CLI session when the console cable is disconnected. This could allow a malicious attacker with physical access to the console the ability to resume a…

Page 5 of 13