Vulnerabilities > Juniper > Junos OS Evolved > 19.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-17 | CVE-2023-28964 | Unspecified vulnerability in Juniper Junos An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network based, unauthenticated attacker to cause an RPD crash leading to a Denial of Service (DoS). | 7.5 |
| 2023-04-17 | CVE-2023-28966 | Incorrect Default Permissions vulnerability in Juniper Junos OS Evolved An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS Evolved allows a low-privileged local attacker with shell access to modify existing files or execute commands as root. | 7.8 |
| 2023-04-17 | CVE-2023-28973 | Improper Authentication vulnerability in Juniper Junos OS Evolved An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks Junos OS Evolved allows a local, authenticated attacker to execute administrative commands that could impact the integrity of the system or system availability. | 7.1 |
| 2023-01-13 | CVE-2023-22397 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos OS Evolved An Allocation of Resources Without Limits or Throttling weakness in the memory management of the Packet Forwarding Engine (PFE) on Juniper Networks Junos OS Evolved PTX10003 Series devices allows an adjacently located attacker who has established certain preconditions and knowledge of the environment to send certain specific genuine packets to begin a Time-of-check Time-of-use (TOCTOU) Race Condition attack which will cause a memory leak to begin. | 6.1 |
| 2023-01-13 | CVE-2023-22406 | Memory Leak vulnerability in Juniper Junos A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). | 6.5 |
| 2023-01-13 | CVE-2023-22407 | Incomplete Cleanup vulnerability in Juniper Junos An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). | 6.5 |
| 2022-10-18 | CVE-2022-22211 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos OS Evolved A limitless resource allocation vulnerability in FPC resources of Juniper Networks Junos OS Evolved on PTX Series allows an unprivileged attacker to cause Denial of Service (DoS). | 7.5 |
| 2022-10-18 | CVE-2022-22220 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Juniper Junos A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS, Junos OS Evolved allows a network-based unauthenticated attacker to cause a Denial of Service (DoS). | 5.9 |
| 2022-10-18 | CVE-2022-22224 | Unspecified vulnerability in Juniper Junos An Improper Check or Handling of Exceptional Conditions vulnerability in the processing of a malformed OSPF TLV in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause the periodic packet management daemon (PPMD) process to go into an infinite loop, which in turn can cause protocols and functions reliant on PPMD such as OSPF neighbor reachability to be impacted, resulting in a sustained Denial of Service (DoS) condition. low complexity juniper | 6.5 |
| 2022-10-18 | CVE-2022-22225 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Juniper Junos A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated attacker with an established BGP session to cause a Denial of Service (DoS). | 5.9 |