VYPR

OS Evolved

by Juniper Networks

CVEs (248)

  • CVE-2021-0297MedOct 19, 2021
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the processing of TCP MD5 authentication in Juniper Networks Junos OS Evolved may allow a BGP or LDP session configured with MD5 authentication to succeed, even if the peer does not have TCP MD5 authentication enabled. This could lead to untrusted or…

  • CVE-2021-0292MedJul 15, 2021
    risk 0.42cvss 6.5epss 0.00

    An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service…

  • CVE-2021-0291MedJul 15, 2021
    risk 0.42cvss 6.5epss 0.01

    An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this…

  • CVE-2021-0289MedJul 15, 2021
    risk 0.42cvss 6.5epss 0.00

    When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks…

  • CVE-2021-0287MedJul 15, 2021
    risk 0.42cvss 6.5epss 0.00

    In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of a ISIS link in the network, can lead to a routing process daemon…

  • CVE-2021-0239MedApr 22, 2021
    risk 0.42cvss 6.5epss 0.00

    In Juniper Networks Junos OS Evolved, receipt of a stream of specific genuine Layer 2 frames may cause the Advanced Forwarding Toolkit (AFT) manager process (Evo-aftmand), responsible for handling Route, Class-of-Service (CoS), Firewall operations within the packet forwarding…

  • CVE-2021-0236MedApr 22, 2021
    risk 0.42cvss 6.5epss 0.01

    Due to an improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved the Routing Protocol Daemon (RPD) service, upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, crashes and restarts…

  • CVE-2021-0209MedJan 15, 2021
    risk 0.42cvss 6.5epss 0.00

    In Juniper Networks Junos OS Evolved an attacker sending certain valid BGP update packets may cause Junos OS Evolved to access an uninitialized pointer causing RPD to core leading to a Denial of Service (DoS). Continued receipt of these types of valid BGP update packets will…

  • CVE-2020-1681MedOct 16, 2020
    risk 0.42cvss 6.5epss 0.01

    Receipt of a specifically malformed NDP packet sent from the local area network (LAN) to a device running Juniper Networks Junos OS Evolved can cause the ndp process to crash, resulting in a Denial of Service (DoS). The process automatically restarts without intervention, but a…

  • CVE-2020-1678MedOct 16, 2020
    risk 0.42cvss 6.5epss 0.00

    On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak. If the memory is exhausted the rpd process might crash. If the issue occurs, the memory leak could be seen by executing the "show task…

  • CVE-2024-39532MedJul 11, 2024
    risk 0.41cvss 6.3epss 0.00

    An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to access sensitive information. When another user performs a specific operation, sensitive…

  • CVE-2023-44190MedOct 11, 2023
    risk 0.40cvss 6.1epss 0.00

    An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016 devices allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent…

  • CVE-2023-44189MedOct 11, 2023
    risk 0.40cvss 6.1epss 0.00

    An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10003 Series allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the…

  • CVE-2023-22397MedJan 13, 2023
    risk 0.40cvss 6.1epss 0.00

    An Allocation of Resources Without Limits or Throttling weakness in the memory management of the Packet Forwarding Engine (PFE) on Juniper Networks Junos OS Evolved PTX10003 Series devices allows an adjacently located attacker who has established certain preconditions and…

  • CVE-2025-52984MedJul 11, 2025
    risk 0.38cvss 5.9epss 0.00

    A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device. When static route points to a reject next hop…

  • CVE-2024-47507MedOct 11, 2024
    risk 0.38cvss 5.8epss 0.00

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an integrity impact to the downstream devices. When a peer…

  • CVE-2024-47491MedOct 11, 2024
    risk 0.38cvss 5.9epss 0.01

    An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause Denial of Service (DoS). When a BGP UPDATE with malformed path attribute…

  • CVE-2024-47489MedOct 11, 2024
    risk 0.38cvss 5.8epss 0.01

    An Improper Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of the Juniper Networks Junos OS Evolved on ACX Series devices allows an unauthenticated, network based attacker sending specific transit protocol traffic to cause a partial Denial…

  • CVE-2024-39559MedJul 10, 2024
    risk 0.38cvss 5.9epss 0.00

    An Improper Check for Unusual or Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS Evolved may allow a network-based unauthenticated attacker to crash the device (vmcore) by sending a specific TCP packet over an established TCP session with…

  • CVE-2024-39554MedJul 10, 2024
    risk 0.38cvss 5.9epss 0.00

    A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to inject…

Page 9 of 13