cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-39564,https://securityvulnerability.io/vulnerability/CVE-2024-39564,Double-Free Vulnerability in Juniper Networks Junos OS Routing Daemon,"A double-free vulnerability in the routing process daemon (rpd) of Juniper Networks' Junos OS and Junos OS Evolved permits an attacker to send a malformed BGP Path attribute update. This action allocates memory to log the erroneous path attribute. The resulting double free of memory can cause the rpd to crash, leading to a Denial of Service (DoS). The affected versions include Junos OS and Junos OS Evolved from 22.4 before 22.4R3-S4.",Juniper Networks,"Junos Os,Junos Os Evolved",8.7,HIGH,0.0004600000102072954,false,,false,false,true,2025-02-05T15:31:23.063Z,false,false,false,,2025-02-05T15:31:23.063Z,0
CVE-2025-21600,https://securityvulnerability.io/vulnerability/CVE-2025-21600,Out-of-Bounds Read Vulnerability in Juniper Networks Junos OS and Junos OS Evolved,"An Out-of-Bounds Read vulnerability has been discovered in Juniper Networks' Junos OS and Junos OS Evolved. This vulnerability allows an unauthenticated, logically adjacent BGP peer to send a specifically malformed BGP packet, which may lead to the routing protocol daemon (rpd) crashing and restarting. Consequently, this can result in a Denial of Service (DoS) condition. The vulnerability is pertinent to systems with BGP traceoptions enabled or those using BGP family traffic-engineering (BGP-LS).
Both iBGP and eBGP configurations for IPv4 and IPv6 are impacted, making it vital for operators to ensure their systems are updated to versions that address this issue.",Juniper Networks,"Junos Os,Junos Os Evolved",7.1,HIGH,0.0004299999854993075,false,,false,false,true,2025-01-27T23:15:28.000Z,false,false,false,,2025-01-09T17:15:00.000Z,0
CVE-2024-39515,https://securityvulnerability.io/vulnerability/CVE-2024-39515,Denial of Service Vulnerability in Routing Protocol daemon (rpd),"A vulnerability exists within the routing protocol daemon (rpd) of Juniper Networks' Junos OS and Junos OS Evolved, stemming from improper validation of consistency within input data. This allows unauthenticated network-based attackers to exploit a specially crafted BGP packet, potentially leading to a crash and restart of the rpd service. A sustained bombardment of this malformed packet can induce a prolonged Denial of Service (DoS) condition, where the rpd may occasionally fail to restart automatically, necessitating a manual intervention via the CLI command 'restart routing'. The vulnerability affects both iBGP and eBGP sessions over IPv4 and IPv6, specifically targeting systems with BGP traceoptions enabled.",Juniper Networks,"Junos Os,Junos Os Evolved",7.5,HIGH,0.0004600000102072954,false,,false,false,true,2024-10-11T16:15:05.000Z,,false,false,,2024-10-09T20:15:00.000Z,0
CVE-2024-39525,https://securityvulnerability.io/vulnerability/CVE-2024-39525,"{""Juniper Networks warns of Denial of Service (DoS) vulnerability in Junos OS and Junos OS Evolved"",""Improper Handling of Exceptional Conditions in Junos OS and Junos OS Evolved could lead to DoS attacks""}","An improper handling of exceptional conditions vulnerability exists in the routing protocol daemon (rpd) of Juniper Networks' Junos OS and Junos OS Evolved. This flaw allows an unauthenticated network-based attacker to send a specific Border Gateway Protocol (BGP) packet, causing the rpd to crash and subsequently restart.
As a result, this can lead to a Denial of Service (DoS) condition, which is further exacerbated by the continued reception of the malicious packets, sustaining the DoS state. The vulnerability specifically affects systems with BGP traceoptions enabled and requires an established BGP session. Both internal BGP (iBGP) and external BGP (eBGP) are vulnerable across IPv4 and IPv6 protocols. Systems lacking BGP traceoptions enabled are not impacted.",Juniper Networks,"Junos Os,Junos Os Evolved",7.5,HIGH,0.0004600000102072954,false,,false,false,true,2024-10-11T16:15:05.000Z,,false,false,,2024-10-09T20:15:00.000Z,0
CVE-2024-39516,https://securityvulnerability.io/vulnerability/CVE-2024-39516,Juniper Networks Junos OS and Junos OS Evolved Vulnerable to Denial of Service Attack via BGP Packets,"An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks' Junos OS and Junos OS Evolved enables network-based attackers to exploit improperly handled BGP packets. When attackers send a specifically crafted BGP packet to affected systems—particularly those configured with BGP traceoptions enabled or with BGP traffic engineering—the rpd component can crash and subsequently restart. This behavior creates a Denial of Service (DoS), where the ongoing reception of such packets leads to a sustained service disruption.
The vulnerability has the potential to impact both iBGP and eBGP configurations across a range of address families, primarily affecting non-transitive attributes that remain contained within the local network.",Juniper Networks,"Junos Os,Junos Os Evolved",7.5,HIGH,0.0004600000102072954,false,,false,false,true,2024-10-11T16:15:05.000Z,,false,false,,2024-10-09T20:15:00.000Z,0
CVE-2024-39518,https://securityvulnerability.io/vulnerability/CVE-2024-39518,Heap-based Buffer Overflow Vulnerability Affects Juniper Networks Junos OS on Certain Platforms,"A Heap-based Buffer Overflow vulnerability exists within the telemetry sensor process (sensord) of Juniper Networks' Junos OS, specifically affecting MX240, MX480, and MX960 platforms using MPC10E. This vulnerability triggers progressively increasing memory consumption, resulting in a Denial of Service condition. When a device engages in a telemetry subscription, a slow memory leak transpires, ultimately exhausting system resources and rendering the device unresponsive. To regain functionality, a manual reboot of the Line Card becomes necessary. The vulnerability is exclusively observable while the telemetry subscription is active.
Monitoring commands such as 'show system processes extensive' and 'show system info | match sensord' can be employed to assess heap memory utilization and system status.",Juniper Networks,Junos Os,7.5,HIGH,0.0004299999854993075,false,,false,false,true,2024-07-11T19:15:08.000Z,,false,false,,2024-07-10T23:15:00.000Z,0
CVE-2024-39514,https://securityvulnerability.io/vulnerability/CVE-2024-39514,"{""{\""text\"":\""Juniper Networks Junos and Junos OS affected by Denial of Service (DoS) Vulnerability\""}"",""{\""text\"":\""Junos OS Evolved vulnerable to Improper Check or Handling of Exceptional Conditions leading to Denial of Service (DoS)\""}""}","An Improper Check or Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). An attacker can send specific traffic to the device, which causes the rpd to crash and restart. Continued receipt of this traffic will result in a sustained DoS condition. This issue only affects devices with an EVPN-VPWS instance with IGMP-snooping enabled.
This issue affects Junos OS: * All versions before 20.4R3-S10, * from 21.4 before 21.4R3-S6, * from 22.1 before 22.1R3-S5, * from 22.2 before 22.2R3-S3, * from 22.3 before 22.3R3-S2, * from 22.4 before 22.4R3, * from 23.2 before 23.2R2; Junos OS Evolved: * All versions before 20.4R3-S10-EVO, * from 21.4-EVO before 21.4R3-S6-EVO, * from 22.1-EVO before 22.1R3-S5-EVO, * from 22.2-EVO before 22.2R3-S3-EVO, * from 22.3-EVO before 22.3R3-S2-EVO, * from 22.4-EVO before 22.4R3-EVO, * from 23.2-EVO before 23.2R2-EVO.",Juniper Networks,"Junos Os,Junos Os Evolved",6.5,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-07-11T19:15:07.000Z,,false,false,,2024-07-10T23:15:00.000Z,0
CVE-2024-39513,https://securityvulnerability.io/vulnerability/CVE-2024-39513,Improper Input Validation Vulnerability in Junos OS Evolved Leads to Denial of Service,"An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows a local, low-privileged attacker to cause a Denial of Service (DoS). When a specific ""clear"" command is run, the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) crashes and restarts. The crash impacts all traffic going through the FPCs, causing a DoS. Running the command repeatedly leads to a sustained DoS condition.
This issue affects Junos OS Evolved: * All versions before 20.4R3-S9-EVO, * from 21.2-EVO before 21.2R3-S7-EVO, * from 21.3-EVO before 21.3R3-S5-EVO, * from 21.4-EVO before 21.4R3-S6-EVO, * from 22.1-EVO before 22.1R3-S4-EVO, * from 22.2-EVO before 22.2R3-S3-EVO, * from 22.3-EVO before 22.3R3-S3-EVO, * from 22.4-EVO before 22.4R3-EVO, * from 23.2-EVO before 23.2R2-EVO.",Juniper Networks,Junos Os Evolved,5.5,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-07-11T16:15:06.000Z,,false,false,,2024-07-10T23:15:00.000Z,0
CVE-2024-39517,https://securityvulnerability.io/vulnerability/CVE-2024-39517,"{""Unusual or Exceptional Conditions Can Cause Denial of Service (DoS) Impacting Device Availability"",""High Amount of Specific Layer 2 Packets Can Cause Routing Protocol Daemon (rpd) to Utilize All CPU Resources, Requiring Manual Restart""}","An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) on Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS). In an EVPN/VXLAN scenario, when a high amount of specific Layer 2 packets are processed by the device, it can cause the Routing Protocol Daemon (rpd) to utilize all CPU resources which causes the device to hang. A manual restart of the rpd is required to restore services. This issue affects both IPv4 and IPv6 implementations. This issue affects Junos OS: All versions earlier than 21.4R3-S7; 22.1 versions earlier than 22.1R3-S5; 22.2 versions earlier than 22.2R3-S3; 22.3 versions earlier than 22.3R3-S3; 22.4 versions earlier than 22.4R3-S2; 23.2 versions earlier than 23.2R2; 23.4 versions earlier than 23.4R1-S1.
Junos OS Evolved: All versions earlier than 21.4R3-S7-EVO; 22.1-EVO versions earlier than 22.1R3-S5-EVO; 22.2-EVO versions earlier than 22.2R3-S3-EVO; 22.3-EVO versions earlier than 22.3R3-S3-EVO; 22.4-EVO versions earlier than 22.4R3-S2-EVO; 23.2-EVO versions earlier than 23.2R2-EVO; 23.4-EVO versions earlier than 23.4R1-S1-EVO, 23.4R2-EVO.",Juniper Networks,"Junos Os,Junos Os Evolved",6.5,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-07-11T14:15:04.000Z,,false,false,,2024-07-10T23:15:00.000Z,0
CVE-2024-2973,https://securityvulnerability.io/vulnerability/CVE-2024-2973,Authentication Bypass Using Alternate Path or Channel Vulnerability Affects Juniper Networks Routers and Conductors,"A critical vulnerability affecting Juniper Networks routers, identified as CVE-2024-2973, has been discovered, allowing an authentication bypass when running with a redundant peer. This vulnerability affects Session Smart Router versions before 5.6.15, from 6.0 before 6.1.9-lts, and from 6.2 before 6.2.5-sts, as well as Session Smart Conductor versions before 5.6.15, from 6.0 before 6.1.9-lts, and 6.2 before 6.2.5-sts, and WAN Assurance Router versions 6.0 before 6.1.9-lts and 6.2 before 6.2.5-sts. Emergency patches have been released by Juniper Networks to fix this vulnerability, and there have been no reported instances of exploitation in the wild.
Juniper Networks Security Incident Response Team has not detected any threat, and the company has swiftly responded by issuing updates and providing guidance for users to update their systems.",Juniper Networks,"Session Smart Router,Session Smart Conductor,Wan Assurance Router",10,CRITICAL,0.0004299999854993075,false,,true,false,true,2024-06-28T15:15:06.000Z,,false,false,,2024-06-27T21:15:00.000Z,0
CVE-2024-30407,https://securityvulnerability.io/vulnerability/CVE-2024-30407,[Child CVE] JCNR and cRPD: Hard-coded SSH host keys in cRPD may allow Person-in-the-Middle (PitM) attacks,"The vulnerability presents a critical risk within Juniper Networks' Cloud Native Router (JCNR) and containerized Routing Protocol Daemon (cRPD) products due to the use of hard-coded SSH host keys. Attackers can exploit this flaw to initiate Person-in-the-Middle (PitM) attacks, enabling them to intercept and manipulate SSH traffic undetected. This interception could lead to a total compromise of the affected containerized environments, posing severe threats to the integrity and confidentiality of sensitive data. Organizations utilizing these products are urged to review their current versions to mitigate potential risks associated with this vulnerability.","Juniper Networks, Inc.","Crpd,Juniper Cloud Native Router (jcnr)",8.1,HIGH,0.00044999999227002263,false,,false,false,true,2024-05-16T21:15:13.000Z,,false,false,,2024-04-12T15:03:40.856Z,0
CVE-2024-30406,https://securityvulnerability.io/vulnerability/CVE-2024-30406,Local Attacker Can Read All Other Users' Login Credentials,"A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on network devices allows a local, authenticated attacker with high privileges to read all other users' login credentials.
This issue affects only Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on these devices from 23.1R1-EVO through 23.2R2-EVO. This issue does not affect releases before 23.1R1-EVO.",Juniper Networks,Junos Os Evolved,5.5,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-05-16T21:15:13.000Z,,false,false,,2024-04-12T15:04:06.515Z,0
CVE-2024-30410,https://securityvulnerability.io/vulnerability/CVE-2024-30410,Incorrect Behavior Order in Routing Engine (RE) of Juniper Networks Junos OS on EX4300 Series,"An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard term is set in loopback (lo0) interface. The intended function is that the lo0 firewall filter takes precedence over the revenue interface firewall filter. This issue affects only IPv6 firewall filter. This issue only affects the EX4300 switch. No other products or platforms are affected by this vulnerability. This issue affects Juniper Networks Junos OS: * All versions before 20.4R3-S10, * from 21.2 before 21.2R3-S7, * from 21.4 before 21.4R3-S6.",Juniper Networks,Junos,5.8,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-05-16T21:15:13.000Z,,false,false,,2024-04-12T15:02:47.783Z,0
CVE-2024-30403,https://securityvulnerability.io/vulnerability/CVE-2024-30403,Juniper Networks Junos OS Evolved Vulnerable to NULL Pointer Dereference DoS Attack,"A NULL Pointer Dereference vulnerability exists in the Packet Forwarding Engine (PFE) of Juniper Networks' Junos OS Evolved, which could be exploited by an unauthenticated, adjacent attacker to trigger a Denial of Service (DoS). The vulnerability arises during the MAC learning process when Layer 2 traffic is processed through a logical interface, particularly if the interface experiences flapping.
This results in the Advanced Forwarding Toolkit manager (evo-aftmand-bt) encountering a core dump, followed by a restart of the PFE. If the same triggering events occur repetitively, they can lead to a sustained DoS condition that affects the performance and availability of the affected systems.",Juniper Networks,Junos Os Evolved,6.5,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-05-16T21:15:12.000Z,,false,false,,2024-04-12T15:28:10.459Z,0
CVE-2024-30397,https://securityvulnerability.io/vulnerability/CVE-2024-30397,Denial of Service (DoS) Vulnerability in Public Key Infrastructure Daemon (pkid),"A vulnerability in the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS permits unauthenticated networked attackers to induce a Denial of Service (DoS). When certificate verification fails, the pkid daemon consumes all CPU resources, rendering it unresponsive to subsequent verification attempts. This condition disrupts all VPN negotiations reliant on successful certificate verification, causing significant network service degradation. The issue impacts various versions of Junos OS, making timely updates and patches crucial for network security.",Juniper Networks,Junos Os,7.5,HIGH,0.0004299999854993075,false,,false,false,true,2024-05-16T21:15:12.000Z,,false,false,,2024-04-12T15:25:54.567Z,0
CVE-2024-30384,https://securityvulnerability.io/vulnerability/CVE-2024-30384,Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Networks Junos OS on EX4300 Series,"An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows a locally authenticated attacker with low privileges to cause a Denial-of-Service (DoS). If a specific CLI command is issued, a PFE crash will occur. This will cause traffic forwarding to be interrupted until the system self-recovers.
This issue affects Junos OS: All versions before 20.4R3-S10, 21.2 versions before 21.2R3-S7, 21.4 versions before 21.4R3-S6.",Juniper Networks,Junos Os,5.5,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-05-16T21:15:12.000Z,,false,false,,2024-04-12T15:22:40.490Z,0
CVE-2024-30386,https://securityvulnerability.io/vulnerability/CVE-2024-30386,Junos OS and Junos OS Evolved: In a EVPN-VXLAN scenario state changes on adjacent systems can cause an l2ald process crash,"A Use-After-Free vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause l2ald to crash leading to a Denial-of-Service (DoS). In an EVPN-VXLAN scenario, when state updates are received and processed by the affected system, the correct order of some processing steps is not ensured, which can lead to an l2ald crash and restart. Whether the crash occurs depends on system internal timing which is outside the attacker's control.
This issue affects: Junos OS: * All versions before 20.4R3-S8, * 21.2 versions before 21.2R3-S6, * 21.3 versions before 21.3R3-S5, * 21.4 versions before 21.4R3-S4, * 22.1 versions before 22.1R3-S3, * 22.2 versions before 22.2R3-S1, * 22.3 versions before 22.3R3, * 22.4 versions before 22.4R2; Junos OS Evolved: * All versions before 20.4R3-S8-EVO, * 21.2-EVO versions before 21.2R3-S6-EVO, * 21.3-EVO versions before 21.3R3-S5-EVO, * 21.4-EVO versions before 21.4R3-S4-EVO, * 22.1-EVO versions before 22.1R3-S3-EVO, * 22.2-EVO versions before 22.2R3-S1-EVO, * 22.3-EVO versions before 22.3R3-EVO, * 22.4-EVO versions before 22.4R2-EVO.",Juniper Networks,"Junos Os,Junos Os Evolved",5.3,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-05-16T21:15:12.000Z,,false,false,,2024-04-12T15:23:24.249Z,0
CVE-2024-30387,https://securityvulnerability.io/vulnerability/CVE-2024-30387,Missing Synchronization Vulnerability in Juniper Networks Junos OS Could Lead to Denial-of-Service Attacks,"A Missing Synchronization vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on ACX5448 and ACX710 allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). If an interface flaps while the system gathers statistics on that interface, two processes simultaneously access a shared resource which leads to a PFE crash and restart.
This issue affects Junos OS: * All versions before 20.4R3-S9, * 21.2 versions before 21.2R3-S5, * 21.3 versions before 21.3R3-S5, * 21.4 versions before 21.4R3-S4, * 22.1 versions before 22.1R3-S2, * 22.2 versions before 22.2R3-S2, * 22.3 versions before 22.3R2-S2, 22.3R3, * 22.4 versions before 22.4R2.",Juniper Networks,Junos Os,6.5,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-05-16T21:15:12.000Z,,false,false,,2024-04-12T15:20:04.679Z,0
CVE-2024-30388,https://securityvulnerability.io/vulnerability/CVE-2024-30388,"Denial of Service (DoS) Vulnerability in Packet Forwarding Engine (pfe) Affects Juniper Networks Junos OS on QFX5000 Series, EX4400, EX4100, and EX4650 Series","An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If a specific malformed LACP packet is received by a QFX5000 Series, or an EX4400, EX4100 or EX4650 Series device, an LACP flap will occur resulting in traffic loss. This issue affects Junos OS on QFX5000 Series, and on EX4400, EX4100 or EX4650 Series: * 20.4 versions from 20.4R3-S4 before 20.4R3-S8, * 21.2 versions from 21.2R3-S2 before 21.2R3-S6, * 21.4 versions from 21.4R2 before 21.4R3-S4, * 22.1 versions from 22.1R2 before 22.1R3-S3, * 22.2 versions before 22.2R3-S1, * 22.3 versions before 22.3R2-S2, 22.3R3, * 22.4 versions before 22.4R2-S1, 22.4R3.",Juniper Networks,Junos Os,6.5,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-05-16T21:15:12.000Z,,false,false,,2024-04-12T15:09:12.944Z,0
CVE-2024-30389,https://securityvulnerability.io/vulnerability/CVE-2024-30389,Unauthenticated Integrity Impact Vulnerability in Juniper Networks Junos OS on EX4300 Series,"An Incorrect Behavior Order vulnerability exists within the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS, specifically impacting the EX4300 Series.
This vulnerability enables an unauthenticated, network-based attacker to compromise the integrity of networks relying on the affected device. When output firewall filters are applied on interfaces, they fail to recognize certain matching packets, inadvertently allowing any traffic. This vulnerability impacts releases of Junos OS version 21.4 from 21.4R1 up to but not including 21.4R3-S6. Previous versions of Junos OS, released before 21.4R1, are not affected.",Juniper Networks,Junos Os,5.8,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-05-16T21:15:12.000Z,,false,false,,2024-04-12T15:24:09.806Z,0
CVE-2024-30390,https://securityvulnerability.io/vulnerability/CVE-2024-30390,Improper Restriction of Excessive Authentication Attempts Vulnerability Affects Juniper Networks Junos OS Evolved,"An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited Denial of Service (DoS) to the management plane. When an incoming connection was blocked because it exceeded the connections-per-second rate-limit, the system doesn't consider existing connections anymore for subsequent connection attempts so that the connection limit can be exceeded.
This issue affects Junos OS Evolved: * All versions before 21.4R3-S4-EVO, * 22.1-EVO versions before 22.1R3-S3-EVO, * 22.2-EVO versions before 22.2R3-S2-EVO, * 22.3-EVO versions before 22.3R2-S1-EVO, 22.3R3-EVO.",Juniper Networks,Junos Os Evolved,5.3,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-05-16T21:15:12.000Z,,false,false,,2024-04-12T15:24:51.279Z,0
CVE-2024-30391,https://securityvulnerability.io/vulnerability/CVE-2024-30391,Missing Authentication Issue in Juniper Networks Junos OS on MX and SRX Series Devices,"A vulnerability in Juniper Networks' Junos OS, particularly impacting MX Series and SRX Series devices, stems from a missing authentication mechanism within the Packet Forwarding Engine (pfe). This flaw enables an unauthenticated network-based attacker to exploit the affected devices without needing valid credentials. In scenarios where IPsec authentication algorithms such as hmac-sha-384 or hmac-sha-512 are employed, although tunnels are formed successfully, no authentication information is transmitted with the encrypted data during egress, and similarly, no authentication is expected during ingress. As a result, traffic can experience disruptions, especially when communicating with affected peers, raising serious concerns around device integrity and availability. Users must upgrade to the latest versions to mitigate the risk associated with this vulnerability.",Juniper Networks,Junos Os,4.8,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-05-16T21:15:12.000Z,,false,false,,2024-04-12T15:25:24.733Z,0
CVE-2024-30392,https://securityvulnerability.io/vulnerability/CVE-2024-30392,Buffer Overflow Vulnerability in Flow Processing Daemon (flowd) Could Lead to Denial of Service (DoS),"A Stack-based Buffer Overflow vulnerability exists in the Flow Processing Daemon (flowd) of Juniper Networks Junos OS. This vulnerability allows an unauthenticated attacker to exploit the system remotely.
When URL filtering is enabled on affected MX Series platforms, the processing of a specific URL request can lead to the crash and subsequent restart of flowd, resulting in a Denial of Service (DoS) condition. Continuous exploitation of this vulnerability can lead to persistent interruptions in service. It is critical for users to upgrade to the recommended versions of Junos OS to mitigate potential risks.",Juniper Networks,Junos Os,7.5,HIGH,0.0006099999882280827,false,,false,false,true,2024-05-16T21:15:12.000Z,,false,false,,2024-04-12T15:07:48.287Z,0
CVE-2024-30394,https://securityvulnerability.io/vulnerability/CVE-2024-30394,"{""Junos OS affected by Stack-based Buffer Overflow vulnerability"",""Junos OS Evolved affected by Stack-based Buffer Overflow vulnerability"",""Denial of Service (DoS) condition caused by specific EVPN type-5 route receipt""}","A stack-based buffer overflow vulnerability exists within the Routing Protocol Daemon (rpd) of Junos OS and Junos OS Evolved. This vulnerability can be exploited by an unauthenticated network-based attacker through the receipt of a crafted specific EVPN type-5 route via BGP. Successful exploitation causes the rpd process to crash and restart, leading to a Denial of Service (DoS) condition, which can be sustained if the attacker continuously sends the malicious route.
The vulnerability impacts multiple versions of Junos OS and Junos OS Evolved, underscoring the importance of timely updates and strict network monitoring to mitigate potential threats.",Juniper Networks,"Junos Os,Junos Os Evolved",7.5,HIGH,0.0006099999882280827,false,,false,false,true,2024-05-16T21:15:12.000Z,,false,false,,2024-04-12T15:07:36.080Z,0
CVE-2024-30398,https://securityvulnerability.io/vulnerability/CVE-2024-30398,Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability Affects Junos OS,"A vulnerability in the Packet Forwarding Engine (PFE) component of Junos OS by Juniper Networks allows unauthenticated network-based attackers to initiate Denial of Service (DoS) attacks. This occurs when the SRX4600 device receives a high volume of targeted traffic, leading to excessive CPU memory utilization due to flawed internal packet processing. The consequences include significant packet loss and eventual failure of the PFE, necessitating a manual reboot to restore functionality. Multiple versions of Junos OS are impacted, and users are advised to review their deployments to ensure protection against potential exploitation.",Juniper Networks,Junos Os,7.5,HIGH,0.0004299999854993075,false,,false,false,true,2024-05-16T21:15:12.000Z,,false,false,,2024-04-12T15:26:27.402Z,0