cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-39564,https://securityvulnerability.io/vulnerability/CVE-2024-39564,Double-Free Vulnerability in Juniper Networks Junos OS Routing Daemon,"A double-free vulnerability in the routing process daemon (rpd) of Juniper Networks' Junos OS and Junos OS Evolved permits an attacker to send a malformed BGP Path attribute update. This action allocates memory to log the erroneous path attribute. The resulting double free of memory can cause the rpd to crash, leading to a Denial of Service (DoS). The affected versions include Junos OS and Junos OS Evolved from 22.4 before 22.4R3-S4.",Juniper Networks,"Junos Os,Junos Os Evolved",8.7,HIGH,0.0004600000102072954,false,,false,false,true,2025-02-05T15:31:23.063Z,false,false,false,,2025-02-05T15:31:23.063Z,0
CVE-2025-21598,https://securityvulnerability.io/vulnerability/CVE-2025-21598,Out-of-bounds Read Vulnerability in Juniper Networks Junos OS and Junos OS Evolved,"An Out-of-bounds Read vulnerability exists within Juniper Networks' Junos OS and Junos OS Evolved's routing protocol daemon. This vulnerability allows an unauthenticated, network-based attacker to exploit the device by sending malformed BGP packets, which can lead to the crashing of the routing protocol daemon (rpd). The exploitation requires an established BGP session and can affect both iBGP and eBGP over IPv4 and IPv6. This issue can propagate across multiple Autonomous Systems (ASes), impacting devices that are vulnerable according to the affected software versions.
Indicators of compromise may be identified by examining logs for messages related to malformed packets received from neighboring ASes.",Juniper Networks,,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-09T19:15:00.000Z,749
CVE-2025-21600,https://securityvulnerability.io/vulnerability/CVE-2025-21600,Out-of-Bounds Read Vulnerability in Juniper Networks Junos OS and Junos OS Evolved,"An Out-of-Bounds Read vulnerability has been discovered in Juniper Networks' Junos OS and Junos OS Evolved. This vulnerability allows an unauthenticated, logically adjacent BGP peer to send a specifically malformed BGP packet, which may lead to the routing protocol daemon (rpd) crashing and restarting. Consequently, this can result in a Denial of Service (DoS) condition. The vulnerability is pertinent to systems with BGP traceoptions enabled or those using BGP family traffic-engineering (BGP-LS). Both iBGP and eBGP configurations for IPv4 and IPv6 are impacted, making it vital for operators to ensure their systems are updated to versions that address this issue.",Juniper Networks,"Junos Os,Junos Os Evolved",7.1,HIGH,0.0004299999854993075,false,,false,false,true,2025-01-27T23:15:28.000Z,false,false,false,,2025-01-09T17:15:00.000Z,0
CVE-2025-21599,https://securityvulnerability.io/vulnerability/CVE-2025-21599,Memory Management Flaw in Juniper Networks Junos OS Evolved IPv6 Configuration,"A vulnerability in the Juniper Tunnel Driver (jtd) of Junos OS Evolved allows unauthenticated network-based attackers to exploit a memory management flaw when processing specifically malformed IPv6 packets. This leads to an inability to free kernel memory, resulting in memory exhaustion and potentially causing system crashes, thereby creating a Denial of Service (DoS) condition. Systems configured with IPv6 are particularly susceptible, as continuous receipt of these packets can sustain a DoS impact.
Affected versions are those from 22.4-EVO onwards, specifically before minor revisions indicated, while versions prior to 22.4R1-EVO remain unaffected.",Juniper Networks,,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-09T17:15:00.000Z,0
CVE-2024-47504,https://securityvulnerability.io/vulnerability/CVE-2024-47504,Juniper Networks Junos OS vulnerable to Improper Validation of Specified Type of Input flaw,"The vulnerability identified in Juniper Networks' Junos OS on the SRX5000 Series pertains to an improper validation of specified types of input. This flaw allows an unauthenticated network-based attacker to exploit the packet forwarding engine, leading to a Denial of Service (DoS) condition. When the device receives a specially crafted malformed packet, it may trigger a crash and subsequent restart of the flowd process, impacting the availability of the network services. Affected versions of the Junos OS include various releases within the 22.x, 23.x, and 24.x series, highlighting the importance of timely updates and patches to mitigate potential risks.",Juniper Networks,Junos Os,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-10-11T15:33:08.341Z,0
CVE-2024-47502,https://securityvulnerability.io/vulnerability/CVE-2024-47502,Allocation of Resources Without Limits or Throttling Vulnerability,"A vulnerability exists in the kernel of Juniper Networks Junos OS Evolved due to Allocation of Resources Without Limits or Throttling. An unauthenticated network-based attacker may exploit this flaw to initiate a Denial of Service (DoS) attack, leading to the exhaustion of resources available for new connections to the control plane. Affected TCP sessions that are not properly cleared when terminated contribute to this resource depletion over time.
The issue is limited to IPv4 traffic and only impacts TCP sessions established in-band via an interface on a Flexible PIC Concentrator (FPC); it does not affect out-of-band connections made through the management Ethernet port on the routing-engine. Affected users may observe an increasing number of TCP connections through the system connections command, and recovery from the issue necessitates a manual restart of the respective Routing Engine (RE).",Juniper Networks,Junos Os Evolved,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-10-11T15:31:45.356Z,0
CVE-2024-47499,https://securityvulnerability.io/vulnerability/CVE-2024-47499,Improper Check for Unusual or Exceptional Conditions Vulnerability Leads to Denial of Service (DoS),"A vulnerability exists in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved due to improper checks for unusual or exceptional conditions. This flaw can be exploited by unauthenticated, network-based attackers to trigger a Denial of Service (DoS) when BGP Monitoring Protocol (BMP) is configured with rib-in pre-policy monitoring. An attacker could send a specifically malformed AS PATH attribute via an established BGP session, leading to an RPD crash and subsequent restart. Organizations using affected versions of Junos OS and Junos OS Evolved are at risk and should apply remedial measures promptly to enhance their security posture.",Juniper Networks,"Junos Os,Junos Os Evolved",7.5,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-10-11T15:30:36.930Z,0
CVE-2024-47497,https://securityvulnerability.io/vulnerability/CVE-2024-47497,Uncontrolled Resource Consumption Vulnerability Can Cause Denial-of-Service (DoS) on Juniper Networks Devices,"An Uncontrolled Resource Consumption vulnerability exists in the http daemon (httpd) of Juniper Networks' Junos OS.
This flaw allows unauthenticated, network-based attackers to exploit the system by sending specific HTTPS connection requests. This exploitation results in the creation of persistent processes that fail to terminate correctly, leading to resource depletion. Consequently, this can cause the affected devices, such as those in the SRX, QFX, MX, and EX Series, to become unresponsive and ultimately crash, requiring a restart. For impacted users, monitoring procedures can be implemented using system commands to track resource utilization.",Juniper Networks,Junos Os,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-10-11T15:28:49.424Z,0
CVE-2024-47490,https://securityvulnerability.io/vulnerability/CVE-2024-47490,Improper Restriction of Communication Channel to Intended Endpoints Vulnerability Affects Junos OS Evolved,"The vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks' Junos OS Evolved on the ACX 7000 Series allows unauthenticated network-based attackers to exploit improper handling of specific transit MPLS packets. These packets are incorrectly forwarded to the Routing Engine, leading to resource exhaustion as continuous receipt causes an overload, ultimately resulting in Denial of Service (DoS). This vulnerability does not require MPLS configuration to be present and impacts multiple versions of the ACX 7000 Series.",Juniper Networks,Junos Os Evolved,8.2,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-10-11T15:22:39.517Z,0
CVE-2024-39563,https://securityvulnerability.io/vulnerability/CVE-2024-39563,Junos Space Command Injection Vulnerability Allows Remote Command Execution,"A Command Injection vulnerability exists in Juniper Networks' Junos Space, enabling unauthenticated, network-based attackers to send specially crafted requests that result in the execution of arbitrary shell commands on the Junos Space Appliance.
The issue arises from inadequate input sanitization in a specific script within the web application, allowing malicious input passed via a GET request. Exploitation of this vulnerability can lead to remote command execution, potentially granting the attacker full control over the affected device. Only Junos Space version 24.1R1 is impacted, while earlier versions remain unaffected.",Juniper Networks,Junos Space,7.3,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-11T15:21:18.354Z,0
CVE-2024-39547,https://securityvulnerability.io/vulnerability/CVE-2024-39547,Improper Handling of Exceptional Conditions Leads to Denial of Service Vulnerability in Juniper Networks,"A vulnerability exists within the rpd-server of Juniper Networks' Junos OS and Junos OS Evolved that allows unauthenticated network-based attackers to exploit improper handling of exceptional conditions. By sending carefully crafted TCP traffic to the routing engine, these attackers can induce high CPU utilization at the control plane, resulting in a Denial of Service. This vulnerability becomes particularly severe when RIB sharding is enabled, leading to unexpected task accounting reads by the RPD Server jobs. Affected systems include various versions of Junos OS and Junos OS Evolved, with both requiring urgent attention for system management and security protocols.",Juniper Networks,"Junos Os,Junos Os Evolved",7.5,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-10-11T15:20:45.121Z,0
CVE-2024-39516,https://securityvulnerability.io/vulnerability/CVE-2024-39516,Juniper Networks Junos OS and Junos OS Evolved Vulnerable to Denial of Service Attack via BGP Packets,"An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks' Junos OS and Junos OS Evolved enables network-based attackers to exploit improperly handled BGP packets.
When attackers send a specifically crafted BGP packet to affected systems—particularly those configured with BGP traceoptions enabled or with BGP traffic engineering—the rpd component can crash and subsequently restart. This behavior creates a Denial of Service (DoS), where the ongoing reception of such packets leads to a sustained service disruption. The vulnerability has the potential to impact both iBGP and eBGP configurations across a range of address families, primarily affecting non-transitive attributes that remain contained within the local network.",Juniper Networks,"Junos Os,Junos Os Evolved",7.5,HIGH,0.0004600000102072954,false,,false,false,true,2024-10-11T16:15:05.000Z,,false,false,,2024-10-09T20:15:00.000Z,0
CVE-2024-39525,https://securityvulnerability.io/vulnerability/CVE-2024-39525,"{""Juniper Networks warns of Denial of Service (DoS) vulnerability in Junos OS and Junos OS Evolved"",""Improper Handling of Exceptional Conditions in Junos OS and Junos OS Evolved could lead to DoS attacks""}","An improper handling of exceptional conditions vulnerability exists in the routing protocol daemon (rpd) of Juniper Networks' Junos OS and Junos OS Evolved. This flaw allows an unauthenticated network-based attacker to send a specific Border Gateway Protocol (BGP) packet, causing the rpd to crash and subsequently restart. As a result, this can lead to a Denial of Service (DoS) condition, which is further exacerbated by the continued reception of the malicious packets, sustaining the DoS state. The vulnerability specifically affects systems with BGP traceoptions enabled and requires an established BGP session. Both internal BGP (iBGP) and external BGP (eBGP) are vulnerable across IPv4 and IPv6 protocols.
Systems lacking BGP traceoptions enabled are not impacted.",Juniper Networks,"Junos Os,Junos Os Evolved",7.5,HIGH,0.0004600000102072954,false,,false,false,true,2024-10-11T16:15:05.000Z,,false,false,,2024-10-09T20:15:00.000Z,0
CVE-2024-39515,https://securityvulnerability.io/vulnerability/CVE-2024-39515,Denial of Service Vulnerability in Routing Protocol daemon (rpd),"A vulnerability exists within the routing protocol daemon (rpd) of Juniper Networks' Junos OS and Junos OS Evolved, stemming from improper validation of consistency within input data. This allows unauthenticated network-based attackers to exploit a specially crafted BGP packet, potentially leading to a crash and restart of the rpd service. A sustained bombardment of this malformed packet can induce a prolonged Denial of Service (DoS) condition, where the rpd may occasionally fail to restart automatically, necessitating a manual intervention via the CLI command 'restart routing'. The vulnerability affects both iBGP and eBGP sessions over IPv4 and IPv6, specifically targeting systems with BGP traceoptions enabled.",Juniper Networks,"Junos Os,Junos Os Evolved",7.5,HIGH,0.0004600000102072954,false,,false,false,true,2024-10-11T16:15:05.000Z,,false,false,,2024-10-09T20:15:00.000Z,0
CVE-2024-39552,https://securityvulnerability.io/vulnerability/CVE-2024-39552,Improper Handling of Exceptional Conditions Vulnerability Leads to Denial of Service (DoS),"An Improper Handling of Exceptional Conditions vulnerability exists in the routing protocol daemon (RPD) of Junos OS and Junos OS Evolved from Juniper Networks. This flaw allows unauthenticated attackers to remotely manipulate the RPD process through the transmission of malformed BGP UPDATE packets over an established BGP session. Upon receiving a malformed packet, the RPD process crashes and restarts, leading to continuous denial of service for affected devices.
The vulnerability impacts both eBGP and iBGP implementations across IPv4 and IPv6, necessitating an established session for exploitation.",Juniper Networks,"Junos Os,Junos Os Evolved",7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-11T16:30:36.672Z,0
CVE-2024-39551,https://securityvulnerability.io/vulnerability/CVE-2024-39551,Uncontrolled Resource Consumption vulnerability in Juniper Networks Junos OS,"An Uncontrolled Resource Consumption vulnerability exists in the H.323 ALG (Application Layer Gateway) within Juniper Networks' Junos OS, particularly affecting SRX Series and MX Series devices equipped with SPC3 and MS-MPC/MIC. This vulnerability allows unauthenticated network-based attackers to send specially crafted packets, causing significant traffic loss that can lead to Denial of Service (DoS) conditions. If the attacker continues to send these packets, the system remains in a sustained DoS state. Device operators can monitor memory usage to detect exploitation through the command: 'show usp memory segment sha data objcache jsf'. The issue impacts various versions of Junos OS across multiple releases, emphasizing the need for immediate attention from affected users.",Juniper Networks,Junos Os,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-11T16:29:46.607Z,0
CVE-2024-39549,https://securityvulnerability.io/vulnerability/CVE-2024-39549,Missing Release of Memory after Effective Lifetime Vulnerability in Routing Process Daemon (rpd) Could Lead to Denial of Service (DoS),"A vulnerability present in the Routing Protocol Daemon (rpd) within Juniper Networks' Junos OS and Junos OS Evolved occurs due to inadequate memory release after processing malformed BGP Path attribute updates. This flaw allows an attacker to exploit the system by sending these bad updates, resulting in allocated memory for logging that is not correctly freed under certain conditions.
As a result, this can lead to resource exhaustion and potential Denial of Service (DoS) as the Routing Protocol Daemon does not manage the consumed memory effectively. Operators can monitor memory usage using commands like 'show system memory' or 'show system monitor memory status' and must restart the rpd manually to free the consumed memory.",Juniper Networks,"Junos Os,Junos Os Evolved",7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-11T16:27:19.238Z,0
CVE-2024-39548,https://securityvulnerability.io/vulnerability/CVE-2024-39548,Uncontrolled Resource Consumption Vulnerability Affects Juniper Networks' Junos OS Evolved,"An Uncontrolled Resource Consumption vulnerability exists within the aftmand process of Junos OS Evolved from Juniper Networks, allowing unauthorized network-based attackers to deplete system memory resources. This exploitation leads to a Denial of Service condition where affected processes fail to recover automatically, necessitating manual intervention for system restoration. The vulnerability is present in configurations using both IPv4 and IPv6 protocols, amplifying its impact on networked systems. Administrators can monitor memory usage to identify potential exploitation via specific commands. Immediate attention is required for all versions prior to the identified safe versions.",Juniper Networks,Junos Os Evolved,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-11T16:26:22.032Z,0
CVE-2024-39546,https://securityvulnerability.io/vulnerability/CVE-2024-39546,Privilege Escalation Vulnerability Affects Juniper Networks Junos OS Evolved,"A serious vulnerability exists in the Socket Intercept (SI) command file interface of Juniper Networks' Junos OS Evolved. This flaw allows an authenticated, low-privilege local attacker to manipulate specific files, which can lead to the execution of arbitrary commands with root privileges.
The consequence of this vulnerability is potential privilege escalation, which can ultimately compromise the integrity of the affected system. Several versions of Junos OS Evolved are impacted, necessitating immediate attention for those operating prior to the specified patched versions.",Juniper Networks,Junos Os Evolved,7.3,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-11T16:23:56.237Z,0
CVE-2024-39545,https://securityvulnerability.io/vulnerability/CVE-2024-39545,Improper Check for Unusual or Exceptional Conditions Leads to Denial of Service (DoS) Vulnerability in Juniper Networks Junos OS,"An improper check for unusual or exceptional conditions vulnerability exists in the IKE daemon (iked) of Junos OS, utilized by Juniper Networks in its SRX Series, MX Series with SPC3, and NFX350 products. This vulnerability permits unauthenticated, network-based attackers to exploit specific mismatching parameters during the IPsec negotiation process. Successful exploitation can lead to a crash of the iked service, resulting in a Denial of Service (DoS). This vulnerability affects all platforms running the iked service, emphasizing the critical need for users to update their systems to the latest versions to mitigate potential risks.",Juniper Networks,Junos Os,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-11T16:22:13.915Z,0
CVE-2024-39542,https://securityvulnerability.io/vulnerability/CVE-2024-39542,"{""{\""score\"":6.5,\""description\"":\""An Improper Validation of Syntactic Correctness of Input vulnerability\""}""}","An improper validation of syntactic correctness of input in Juniper Networks' Junos OS, affecting the Packet Forwarding Engine (PFE), allows unauthenticated network-based attackers to induce a Denial-of-Service (DoS). This vulnerability manifests in two specific scenarios.
The first scenario occurs when devices configured with both SFLOW and ECMP encounter specific valid transit traffic that triggers a crash in the packetio process, causing an overall failure in the forwarding control plane (FPC) until a restart is performed. This scenario is pertinent to the PTX Series but does not apply to ACX or MX Series devices. The second scenario arises when a malformed CFM packet is received on an interface configured with CFM, similarly resulting in a packetio crash and subsequent FPC failure requiring a restart. These vulnerabilities pose significant operational risks, making it crucial for users to roadmap necessary mitigations.",Juniper Networks,"Junos Os,Junos Os Evolved",7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-11T16:17:56.613Z,0
CVE-2024-39540,https://securityvulnerability.io/vulnerability/CVE-2024-39540,Juniper Networks Junos OS Vulnerability Leads to Denial of Service,"The vulnerability in Juniper Networks' Junos OS manifests within the Packet Forwarding Engine (pfe) on SRX Series and MX Series devices equipped with SPC3. An unauthenticated, network-based attacker can exploit this flaw by sending specific valid TCP traffic, leading to a crash and restart of the pfe. This results in a complete, albeit temporary, service outage. Affected versions include releases from Junos OS 21.2R3-S5 up to but not including 21.2R3-S6. Devices running earlier or later releases remain unaffected.",Juniper Networks,Junos Os,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-11T16:16:37.977Z,0
CVE-2024-39531,https://securityvulnerability.io/vulnerability/CVE-2024-39531,"{""An Improper Handling of Values vulnerability in Junos OS Evolved ALLOWS a Denial-of-Service (DoS).""}","An Improper Handling of Values vulnerability exists in the Packet Forwarding Engine (PFE) of Junos OS Evolved on the Juniper ACX 7000 Series.
This flaw enables a network-based, unauthenticated attacker to execute a Denial-of-Service (DoS) attack. When a value is set for DDoS bandwidth or burst parameters for specific protocols in a shared queue, all protocols using that queue inherit the modified bandwidth or burst settings. As a result, this can lead to unintentional exposure of the control plane to high traffic volumes or impose restrictive limits on certain protocols, thereby increasing the risk of successful volumetric DoS attacks.",Juniper Networks,Junos Os Evolved,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-11T16:04:46.412Z,0
CVE-2024-39530,https://securityvulnerability.io/vulnerability/CVE-2024-39530,Improper Check for Unusual or Exceptional Conditions in Junos OS Leads to Denial-of-Service Attack,"An Improper Check for Unusual or Exceptional Conditions vulnerability exists in the chassis management daemon (chassisd) of Juniper Networks Junos OS. This vulnerability allows an unauthenticated attacker to exploit specific sensors on platforms lacking support. When attempted via GRPC or netconf, the chassisd process will crash and subsequently restart, which can delay system functionality and disrupt access to other components. As a result, this can lead to a Denial-of-Service condition affecting all FPCs, resulting in a complete outage. Only Junos OS versions from 21.4 onward are impacted, making it crucial for users to monitor and manage their upgrade paths accordingly.",Juniper Networks,Junos Os,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-07-11T16:04:13.075Z,0
CVE-2024-39529,https://securityvulnerability.io/vulnerability/CVE-2024-39529,Juniper Networks Junos OS Vulnerability Leads to Denial of Service,"A vulnerability exists in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS affecting the SRX Series.
This vulnerability allows unauthenticated, network-based attackers to exploit a use of externally-controlled format string. When certain configurations, such as DNS Domain Generation Algorithm (DGA) detection, tunnel detection, and DNS-filtering traceoptions are enabled, the vulnerability can be triggered by specific valid transit DNS traffic. Consequently, this results in a crash and restart of the PFE, leading to a Denial-of-Service condition. Affected versions include all before 21.4R3-S6, as well as specific prior versions of 22.2, 22.3, 22.4, and 23.2.",Juniper Networks,Junos Os,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-11T16:03:26.980Z,0