This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Juniper First view 2004-08-18
Product Junos Last view 2022-04-14
Version Type Os
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:* 172
cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:* 171
cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:* 171
cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:* 169
cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:* 167
cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:* 167
cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:* 165
cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:* 164
cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:* 163
cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:* 163
cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:* 158
cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:* 156
cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:* 156
cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:* 155
cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:* 155
cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:* 154
cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:* 153
cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:* 152
cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:* 152
cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:* 152
cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:* 151
cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:* 151
cpe:2.3:o:juniper:junos:18.3:r2:*:*:*:*:*:* 150
cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:* 150
cpe:2.3:o:juniper:junos:18.4:r2:*:*:*:*:*:* 149
cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:* 149
cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:* 147
cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:* 147
cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:* 146
cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:* 146
cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:* 145
cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:* 145
cpe:2.3:o:juniper:junos:18.4:r2-s1:*:*:*:*:*:* 144
cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:* 144
cpe:2.3:o:juniper:junos:18.3:r1-s5:*:*:*:*:*:* 143
cpe:2.3:o:juniper:junos:17.4:r1-s6:*:*:*:*:*:* 143
cpe:2.3:o:juniper:junos:17.4:r1-s7:*:*:*:*:*:* 143
cpe:2.3:o:juniper:junos:17.4:r2-s1:*:*:*:*:*:* 143
cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:* 143
cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:* 143
cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:* 141
cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:* 141
cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:* 141
cpe:2.3:o:juniper:junos:18.3:r2-s1:*:*:*:*:*:* 141
cpe:2.3:o:juniper:junos:18.4:r2-s2:*:*:*:*:*:* 140
cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:* 139
cpe:2.3:o:juniper:junos:18.3:r2-s2:*:*:*:*:*:* 139
cpe:2.3:o:juniper:junos:18.1:r3:*:*:*:*:*:* 138
cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:* 138
cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:* 138

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.5 2022-04-14 CVE-2022-22198

An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. On all MX and SRX platforms, if the SIP ALG is enabled, an MS-MPC or MS-MIC, or SPC will crash if it receives a SIP message with a specific contact header format. This issue affects Juniper Networks Junos OS on MX Series and SRX Series: 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect versions prior to 20.4R1.

7.5 2022-04-14 CVE-2022-22197

An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service (DoS). This issue occurs when proxy-generate route-target filtering is enabled, and certain proxy-route add and delete events are happening. This issue affects: Juniper Networks Junos OS All versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2; 20.3 versions prior to 20.3R1-S2, 20.3R2. Juniper Networks Junos OS Evolved All versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3-EVO; 20.3 versions prior to 20.3R2-EVO.

6.5 2022-04-14 CVE-2022-22196

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker with an established ISIS adjacency to cause a Denial of Service (DoS). The rpd CPU spikes to 100% after a malformed ISIS TLV has been received which will lead to processing issues of routing updates and in turn traffic impact. This issue affects: Juniper Networks Junos OS 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S6, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S3-EVO; 21.2 versions prior to 21.2R2-EVO. This issue does not affect Juniper Networks Junos OS versions prior to 19.3R1.

5.5 2022-04-14 CVE-2022-22193

An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). Continued execution of this command might cause a sustained Denial of Service condition. If BGP rib sharding is configured and a certain CLI command is executed the rpd process can crash. During the rpd crash and restart, the routing protocols might be impacted and traffic disruption might be seen due to the loss of routing information. This issue affects: Juniper Networks Junos OS 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 20.3R1. Juniper Networks Junos OS Evolved versions prior to 20.3R1-EVO.

6.5 2022-04-14 CVE-2022-22191

A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in Juniper Networks Junos OS on the EX4300 switch, sent from the local broadcast domain, may allow an unauthenticated network-adjacent attacker to trigger a PFEMAN watchdog timeout, causing the Packet Forwarding Engine (PFE) to crash and restart. After the restart, transit traffic will be temporarily interrupted until the PFE is reprogrammed. In a virtual chassis (VC), the impacted Flexible PIC Concentrator (FPC) may split from the VC temporarily, and join back into the VC once the PFE restarts. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on the EX4300: All versions prior to 15.1R7-S12; 18.4 versions prior to 18.4R2-S10, 18.4R3-S11; 19.1 versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R1-S9, 19.2R3-S4; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2-S1, 21.2R3; 21.3 versions prior to 21.3R1-S2, 21.3R2.

7.5 2022-04-14 CVE-2022-22188

An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1.

6.5 2022-04-14 CVE-2022-22186

Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface (em0) but not destined to the device, may be improperly forwarded to an egress interface, instead of being discarded. Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious. This issue affects: Juniper Networks Junos OS on EX4650 Series: All versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R3-S5; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R1.

7.5 2022-04-14 CVE-2022-22185

A vulnerability in Juniper Networks Junos OS on SRX Series, allows a network-based unauthenticated attacker to cause a Denial of Service (DoS) by sending a specific fragmented packet to the device, resulting in a flowd process crash, which is responsible for packet forwarding. Continued receipt and processing of this specific packet will create a sustained DoS condition. This issue only affects SRX Series when 'preserve-incoming-fragment-size' feature is enabled. This issue affects Juniper Networks Junos OS on SRX Series: 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R3-S10; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect Juniper Networks Junos OS prior to 17.3R1.

6.1 2022-04-14 CVE-2022-22182

A Cross-site Scripting (XSS) vulnerability in Juniper Networks Junos OS J-Web allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's permissions, including an administrator. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S10, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S6; 19.2 versions prior to 19.2R1-S8, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2; 21.2 versions prior to 21.2R1-S1, 21.2R2.

5.4 2022-04-14 CVE-2022-22181

A reflected Cross-site Scripting (XSS) vulnerability in J-Web of Juniper Networks Junos OS allows a network-based authenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web. This may allow the attacker to gain control of the device or attack other authenticated user sessions. This issue affects: Juniper Networks Junos OS All versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2.

7.5 2022-01-19 CVE-2022-22180

An Improper Check for Unusual or Exceptional Conditions vulnerability in the processing of specific IPv6 packets on certain EX Series devices may lead to exhaustion of DMA memory causing a Denial of Service (DoS). Over time, exploitation of this vulnerability may cause traffic to stop being forwarded, or a crash of the fxpc process. An indication of the issue occurring may be observed through the following log messages: Sep 13 17:14:59 hostname : %PFE-3: fpc0 (buf alloc) failed allocating packet buffer Sep 13 17:14:59 hostname : %PFE-7: fpc0 brcm_pkt_buf_alloc:393 (buf alloc) failed allocating packet buffer When Packet DMA heap utilization reaches 99%, the system will become unstable. Packet DMA heap utilization can be monitored using the command: user@junos# request pfe execute target fpc0 timeout 30 command "show heap" ID Base Total(b) Free(b) Used(b) % Name -- ---------- ----------- ----------- ----------- --- ----------- 0 213301a8 536870488 387228840 149641648 27 Kernel 1 91800000 8388608 3735120 4653488 55 DMA 2 92000000 75497472 74452192 1045280 1 PKT DMA DESC 3 d330000 335544320 257091400 78452920 23 Bcm_sdk 4 96800000 184549376 2408 184546968 99 Packet DMA <<<< 5 903fffe0 20971504 20971504 0 0 Blob This issue affects: Juniper Networks Junos OS 18.4 versions prior to 18.4R2-S10, 18.4R3-S10 on EX2300 Series, EX2300-MP Series, EX3400 Series; 19.1 versions prior to 19.1R3-S7 on EX2300 Series, EX2300-MP Series, EX3400 Series; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4 on EX2300 Series, EX2300-MP Series, EX3400 Series; 19.3 versions prior to 19.3R3-S5 on EX2300 Series, EX2300-MP Series, EX3400 Series; 19.4 versions prior to 19.4R3-S7 on EX2300 Series, EX2300-MP Series, EX3400 Series; 20.1 versions prior to 20.1R3-S3 on EX2300 Series, EX2300-MP Series, EX3400 Series; 20.2 versions prior to 20.2R3-S3 on EX2300 Series, EX2300-MP Series, EX3400 Series; 20.3 versions prior to 20.3R3-S2 on EX2300 Series, EX2300-MP Series, EX3400 Series; 20.4 versions prior to 20.4R3-S1 on EX2300 Series, EX2300-MP Series, EX3400 Series; 21.1 versions prior to 21.1R2-S2, 21.1R3 on EX2300 Series, EX2300-MP Series, EX3400 Series; 21.2 versions prior to 21.2R1-S2, 21.2R2 on EX2300 Series, EX2300-MP Series, EX3400 Series; 21.3 versions prior to 21.3R1-S1, 21.3R2 on EX2300 Series, EX2300-MP Series, EX3400 Series.

6.5 2022-01-19 CVE-2022-22179

A Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial of Service (DoS). In a scenario where DHCP relay or local server is configured the problem can be triggered if a DHCPv4 packet with specific options is received leading to a corruption of the options read from the packet. This corruption can then lead to jdhcpd crash and restart. This issue affects: Juniper Networks Junos OS 17.4R1 and later versions prior to 18.4R3-S10; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R2-S2, 21.1R3; 21.2 versions prior to 21.2R1-S2, 21.2R2, 21.2R3; 21.3 versions prior to 21.3R1-S1, 21.3R2.

7.5 2022-01-19 CVE-2022-22178

A Stack-based Buffer Overflow vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on MX Series and SRX series allows an unauthenticated networked attacker to cause a flowd crash and thereby a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. This issue can be triggered by a specific Session Initiation Protocol (SIP) invite packet if the SIP ALG is enabled. Due to this, the PIC will be rebooted and all traffic that traverses the PIC will be dropped. This issue affects: Juniper Networks Junos OS 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2; 21.3 versions prior to 21.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1.

7.5 2022-01-19 CVE-2022-22177

A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daemon causing a sustained Denial of Service (DoS) to the service until it is manually restarted. This issue impacts any version of SNMP – v1,v2, v3 This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S20; 15.1 versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S5, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S2, 21.1R3; 21.2 versions prior to 21.2R1-S2, 21.2R2. Juniper Networks Junos OS Evolved 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO.

6.5 2022-01-19 CVE-2022-22176

An Improper Validation of Syntactic Correctness of Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker sending a malformed DHCP packet to cause a crash of jdhcpd and thereby a Denial of Service (DoS). If option-82 is configured in a DHCP snooping / -security scenario, jdhcpd crashes if a specific malformed DHCP request packet is received. The DHCP functionality is impacted while jdhcpd restarts, and continued exploitation of the vulnerability will lead to the unavailability of the DHCP service and thereby a sustained DoS. This issue affects Juniper Networks Junos OS 13.2 version 13.2R1 and later versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R2-S7, 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2. This issue does not affect Juniper Networks Junos OS version 12.3R12 and prior versions.

7.5 2022-01-19 CVE-2022-22175

An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated networked attacker to cause a flowprocessing daemon (flowd) crash and thereby a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. This issue can occur in a scenario where the SIP ALG is enabled and specific SIP messages are being processed simultaneously. This issue affects: Juniper Networks Junos OS on MX Series and SRX Series 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R2-S2, 21.1R3; 21.2 versions prior to 21.2R1-S2, 21.2R2; 21.3 versions prior to 21.3R1-S1, 21.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1.

7.5 2022-01-19 CVE-2022-22174

A vulnerability in the processing of inbound IPv6 packets in Juniper Networks Junos OS on QFX5000 Series and EX4600 switches may cause the memory to not be freed, leading to a packet DMA memory leak, and eventual Denial of Service (DoS) condition. Once the condition occurs, further packet processing will be impacted, creating a sustained Denial of Service (DoS) condition. The following error logs may be observed using the "show heap" command and the device may eventually run out of memory if such packets are received continuously. Jan 12 12:00:00 device-name fpc0 (buf alloc) failed allocating packet buffer Jan 12 12:00:01 device-name fpc0 (buf alloc) failed allocating packet buffer user@device-name> request pfe execute target fpc0 timeout 30 command "show heap" ID Base Total(b) Free(b) Used(b) % Name -- ---------- ----------- ----------- ----------- --- ----------- 0 246fc1a8 536870488 353653752 183216736 34 Kernel 1 91800000 16777216 12069680 4707536 28 DMA 2 92800000 75497472 69997640 5499832 7 PKT DMA DESC 3 106fc000 335544320 221425960 114118360 34 Bcm_sdk 4 97000000 176160768 200 176160568 99 Packet DMA <<<<<<<<<<<<<< 5 903fffe0 20971504 20971504 0 0 Blob This issue affects Juniper Networks Junos OS on QFX5000 Series, EX4600: 18.3R3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S3; 19.3 versions prior to 19.3R2-S7, 19.3R3-S4; 19.4 versions prior to 19.4R2-S5, 19.4R3-S6; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2. This issue does not affect Juniper Networks Junos OS: Any versions prior to 17.4R3; 18.1 versions prior to 18.1R3-S6; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R2.

7.5 2022-01-19 CVE-2022-22173

A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service (DoS). In a scenario where Public Key Infrastructure (PKI) is used in combination with Certificate Revocation List (CRL), if the CRL fails to download the memory allocated to store the CRL is not released. Repeated occurrences will eventually consume all available memory and lead to an inoperable state of the affected system causing a DoS. This issue affects Juniper Networks Junos OS: All versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S5, 19.4R3-S5; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2. This issue can be observed by monitoring the memory utilization of the pkid process via: root@jtac-srx1500-r2003> show system processes extensive | match pki 20931 root 20 0 733M 14352K select 0:00 0.00% pkid which increases over time: root@jtac-srx1500-r2003> show system processes extensive | match pki 22587 root 20 0 901M 181M select 0:03 0.00% pkid

6.5 2022-01-19 CVE-2022-22172

A Missing Release of Memory after Effective Lifetime vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a memory leak. Continued exploitation can lead to memory exhaustion and thereby a Denial of Service (DoS). This issue occurs when specific LLDP packets are received. The impact of the l2cpd cores is that if any of the stp protocols (rstp, mstp or vstp) is used then stp re-converges and traffic loss will occur during that time. Also if any services depend on LLDP state (like PoE or VoIP device recognition) then these will also be affected. The memory utilization of the L2CPd process can be monitored with the following command: user@host> show system processes extensive | match l2cpd 1234 root 52 0 521M 43412K RUN 1 4:02 34.47% l2cpd This issue affects: Juniper Networks Junos OS 18.4 version 18.4R2-S4 and later versions prior to 18.4R2-S10. 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S2, 21.1R3; 21.2 versions prior to 21.2R2; Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S2-EVO; 21.1 version 21.1R1-EVO and later versions; 21.2 versions prior to 21.2R2-EVO. This issue does not affect: Juniper Networks Junos OS 19.1 version 19.1R1 and later versions.

7.5 2022-01-19 CVE-2022-22171

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause the PFE to reset. This issue affects: Juniper Networks Junos OS 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2; 21.3 versions prior to 21.3R1-S1, 21.3R2. This issue does not affect versions of Junos OS prior to 19.4R1.

7.5 2022-01-19 CVE-2022-22170

A Missing Release of Resource after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause heap memory to leak and on exhaustion the PFE to reset. The heap memory utilization can be monitored with the command: user@host> show chassis fpc This issue affects: Juniper Networks Junos OS 19.4 versions prior to 19.4R2-S6, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect versions of Junos OS prior to 19.4R1.

5.9 2022-01-19 CVE-2022-22169

An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart (GR helper mode) even though there is not any Grace-LSA received in OSPFv3 causing a Denial of Service (DoS). Unexpectedly entering GR helper mode might cause the OSPFv3 neighbor adjacency formed on this interface to be stuck in the "INIT" state which can be observed by issuing the following command: user@device> show ospf3 neighbor ID Interface State xx.xx.xx.xx ae100.0 Init <<<<<<<<<< An indicator of compromise can be seen in log files when traceoptions for OSPFv3 are enabled before the issue occurs. These logfile messages are as follows: OSPF restart signaling: Received hello with LR bit set from nbr ip=xx::xx id=xx.xx.xx.xx. Set oob-resync capabilty 1. OSPF Restart Signaling: Start helper mode for nbr ip xx::xx id xx.xx.xx.xx OSPF restart signaling: abort helper mode for nbr ip=xx::xx id=xx.xx.xx.xx OSPF neighbor xx::xx (realm ipv6-unicast area xx.xx.xx.xx) state changed from Full to Init due to 1WayRcvd (event reason: neighbor is in one-way mode) (nbr helped: 0) This issue affects: Juniper Networks Junos OS. 15.1 versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S4; 19.3 versions prior to 19.3R2-S7, 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2. This issue does not affect any version of Juniper Networks Junos OS 12.3. This issue affects Juniper Networks Junos OS Evolved all versions prior to 21.2R2-EVO.

6.5 2022-01-19 CVE-2022-22168

An Improper Validation of Specified Type of Input vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to trigger a Missing Release of Memory after Effective Lifetime vulnerability. Continued exploitation of this vulnerability will eventually lead to an FPC reboot and thereby a Denial of Service (DoS). This issue affects: Juniper Networks Junos OS on vMX and MX150: All versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S5, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2; 21.3 versions prior to 21.3R1-S1, 21.3R2.

9.8 2022-01-19 CVE-2022-22167

A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services Gateways may allow an attacker to bypass Juniper Deep Packet Inspection (JDPI) rules and access unauthorized networks or resources, when 'no-syn-check' is enabled on the device. While JDPI correctly classifies out-of-state asymmetric TCP flows as the dynamic-application UNKNOWN, this classification is not provided to the policy module properly and hence traffic continues to use the pre-id-default-policy, which is more permissive, causing the firewall to allow traffic to be forwarded that should have been denied. This issue only occurs when 'set security flow tcp-session no-syn-check' is configured on the device. This issue affects Juniper Networks Junos OS on SRX Series: 18.4 versions prior to 18.4R2-S10, 18.4R3-S10; 19.1 versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R2-S2, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1.

6.5 2022-01-19 CVE-2022-22166

An Improper Validation of Specified Quantity in Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause an rdp crash and thereby a Denial of Service (DoS). If a BGP update message is received over an established BGP session where a BGP SR-TE policy tunnel attribute is malformed and BGP update tracing flag is enabled, the rpd will core. This issue can happen with any BGP session as long as the previous conditions are met. This issue can not propagate as the crash occurs as soon as the malformed update is received. This issue affects Juniper Networks Junos OS: 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R2-S2, 21.1R3. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1.

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
17% (61) CWE-20 Improper Input Validation
8% (30) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
5% (18) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
5% (17) CWE-754 Improper Check for Unusual or Exceptional Conditions
4% (15) CWE-755 Improper Handling of Exceptional Conditions
4% (14) CWE-399 Resource Management Errors
3% (13) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
3% (12) CWE-287 Improper Authentication
3% (11) CWE-362 Race Condition
3% (11) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
2% (8) CWE-770 Allocation of Resources Without Limits or Throttling
2% (8) CWE-269 Improper Privilege Management
2% (8) CWE-200 Information Exposure
2% (7) CWE-772 Missing Release of Resource after Effective Lifetime
1% (6) CWE-798 Use of Hard-coded Credentials
1% (6) CWE-264 Permissions, Privileges, and Access Controls
1% (5) CWE-665 Improper Initialization
1% (5) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
1% (5) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...
1% (5) CWE-77 Improper Sanitization of Special Elements used in a Command ('Comma...
1% (5) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
1% (5) CWE-19 Data Handling
1% (4) CWE-787 Out-of-bounds Write
0% (3) CWE-476 NULL Pointer Dereference
0% (3) CWE-416 Use After Free

Oval Markup Language : Definitions

OvalID Name
oval:org.mitre.oval:def:5711 Cisco Systems Spoofed TCP Reset and SYN Denial of Service Vulnerability
oval:org.mitre.oval:def:4791 Win2k Large Window Size TCP RST Denial of Service
oval:org.mitre.oval:def:3508 WinXP Large Window Size TCP RST Denial of Service
oval:org.mitre.oval:def:270 TCP Connection Reset Vulnerability
oval:org.mitre.oval:def:2689 Server 2003 Large Window Size TCP RST Denial of Service
oval:org.mitre.oval:def:28134 Critical Patch Update January 2015

Open Source Vulnerability Database (OSVDB)

id Description
60993 Juniper Multiple Products ISAKMP Protocol Unspecified Malformed Input Remote ...
58515 Juniper Junos J-Web Interface Multiple Script m[] Parameter XSS
58514 Juniper Junos J-Web Interface /script.php Multiple Parameter XSS
58513 Juniper Junos J-Web Interface /configuration Multiple Parameter XSS
58512 Juniper Junos J-Web Interface /diagnose Multiple Parameter XSS
58511 Juniper Junos J-Web Interface Default URI PATH_INFO Parameter XSS
45434 Yamaha Routers Malformed BGP Update Message Remote DoS
45433 Hitachi GR Routers Malformed BGP Update Message Remote DoS
45432 AlaxalA AX Routers Malformed BGP Update Message Remote DoS
45431 Century Routers Malformed BGP Update Message Remote DoS
45430 Avici Routers Malformed BGP Update Message Remote DoS
44947 ALAXALA Networks AX Series Malformed BGP Update Message Remote DoS
44942 Hitachi GR Series Malformed BGP Update Message Remote DoS
39158 Juniper Junos IPv6 Traffic Handling Unspecified Remote Overflow DoS
39157 Juniper Junos Malformed BGP Update Message Remote DoS
27132 Juniper Junos IPv6 Packet Handling Memory Consumption Remote DoS
13619 SCO UnixWare / OpenServer TCP RST Injection DoS
13196 Juniper Junos Unspecified Packet Processing Remote DoS
7295 Juniper Junos IPv6 Packet Forwarding Engine Remote DoS
4030 TCP/IP Sequence Prediction Blind Reset Spoofing DoS

OpenVAS Exploits

id Description
2012-03-01 Name : TCP Sequence Number Approximation Reset Denial of Service Vulnerability
File : nvt/secpod_tcp_sequence_approx_dos_vuln.nasl
2011-11-21 Name : Microsoft Windows Internet Protocol Validation Remote Code Execution Vulnerab...
File : nvt/secpod_ms_windows_ip_validation_code_exec_vuln.nasl
0000-00-00 Name : Junos CVE-2004-0468
File : nvt/gb_junos_cve-2004-0468.nasl
0000-00-00 Name : Junos CVE-2009-3485
File : nvt/gb_junos_cve-2009-3485.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0148 Multiple Vulnerabilities in Juniper JUNOS OS
Severity: Category I - VMSKEY: V0061071
2014-A-0108 Multiple Vulnerabilities in Juniper Junos OS
Severity: Category I - VMSKEY: V0053185
2014-A-0053 Multiple Vulnerabilities in Juniper Network JUNOS
Severity: Category I - VMSKEY: V0049589
2014-A-0003 Multiple Vulnerabilities in Juniper Networks JUNOS
Severity: Category I - VMSKEY: V0043408
2013-A-0194 Multiple Vulnerabilities in Juniper Networks JUNOS
Severity: Category I - VMSKEY: V0040788
2012-A-0136 Multiple Vulnerabilities in Juniper Network Management Products
Severity: Category I - VMSKEY: V0033662

Snort® IPS/IDS

Date Description
2018-06-05 DHCP cross site scripting attempt
RuleID : 46533 - Type : SERVER-WEBAPP - Revision : 2
2014-01-10 BGP spoofed connection reset attempt
RuleID : 2523-community - Type : SERVER-OTHER - Revision : 15
2014-01-10 BGP spoofed connection reset attempt
RuleID : 2523 - Type : SERVER-OTHER - Revision : 15

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-16 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10911.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10903.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10912.nasl - Type: ACT_GATHER_INFO
2019-01-11 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10914.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10906.nasl - Type: ACT_GATHER_INFO
2018-10-19 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10877.nasl - Type: ACT_GATHER_INFO
2018-10-19 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10882.nasl - Type: ACT_GATHER_INFO
2018-07-20 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10857.nasl - Type: ACT_GATHER_INFO
2018-07-20 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10858.nasl - Type: ACT_GATHER_INFO
2018-07-20 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10859.nasl - Type: ACT_GATHER_INFO
2018-07-20 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10861.nasl - Type: ACT_GATHER_INFO
2018-04-20 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10844.nasl - Type: ACT_GATHER_INFO
2018-04-20 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10845.nasl - Type: ACT_GATHER_INFO
2018-04-20 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10846.nasl - Type: ACT_GATHER_INFO
2018-04-20 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10847.nasl - Type: ACT_GATHER_INFO
2018-04-20 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10848.nasl - Type: ACT_GATHER_INFO
2018-04-20 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10854.nasl - Type: ACT_GATHER_INFO
2018-04-20 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10855.nasl - Type: ACT_GATHER_INFO
2018-01-26 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10828.nasl - Type: ACT_GATHER_INFO
2018-01-26 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10829.nasl - Type: ACT_GATHER_INFO
2018-01-26 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10830.nasl - Type: ACT_GATHER_INFO
2018-01-26 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10831.nasl - Type: ACT_GATHER_INFO
2018-01-26 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10832.nasl - Type: ACT_GATHER_INFO
2018-01-26 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10833.nasl - Type: ACT_GATHER_INFO
2018-01-26 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10834.nasl - Type: ACT_GATHER_INFO