Vulnerabilities > Juniper > Junos OS Evolved
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-19 | CVE-2021-31374 | Unspecified vulnerability in Juniper Junos On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE or KEEPALIVE message can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). | 7.5 |
| 2021-10-19 | CVE-2021-31383 | Out-of-bounds Write vulnerability in Juniper Junos and Junos OS Evolved In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved sent by a remote unauthenticated network attacker causes the RPD to crash causing a Denial of Service (DoS). | 7.5 |
| 2021-07-15 | CVE-2021-0286 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos OS Evolved A vulnerability in the handling of exceptional conditions in Juniper Networks Junos OS Evolved (EVO) allows an attacker to send specially crafted packets to the device, causing the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) process to crash and restart, impacting all traffic going through the FPC, resulting in a Denial of Service (DoS). | 7.5 |
| 2021-07-15 | CVE-2021-0287 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos and Junos OS Evolved In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of a ISIS link in the network, can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). | 6.5 |
| 2021-07-15 | CVE-2021-0291 | Information Exposure vulnerability in Juniper Junos 15.1/17.3/17.4 An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. | 6.5 |
| 2021-07-15 | CVE-2021-0292 | Resource Exhaustion vulnerability in Juniper Junos OS Evolved 19.4/20.1/20.2 An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service (DoS) condition. | 6.5 |
| 2021-04-22 | CVE-2021-0273 | Infinite Loop vulnerability in Juniper Junos 15.1/15.2/16.1 An always-incorrect control flow implementation in the implicit filter terms of Juniper Networks Junos OS and Junos OS Evolved on ACX5800, EX9200 Series, MX10000 Series, MX240, MX480, MX960 devices with affected Trio line cards allows an attacker to exploit an interdependency in the PFE UCODE microcode of the Trio chipset with various line cards to cause packets destined to the devices interfaces to cause a Denial of Service (DoS) condition by looping the packet with an unreachable exit condition ('Infinite Loop'). | 5.3 |
| 2021-04-22 | CVE-2021-0264 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos and Junos OS Evolved A vulnerability in the processing of traffic matching a firewall filter containing a syslog action in Juniper Networks Junos OS on MX Series with MPC10/MPC11 cards installed, PTX10003 and PTX10008 Series devices, will cause the line card to crash and restart, creating a Denial of Service (DoS). | 7.5 |
| 2021-04-22 | CVE-2021-0259 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos 17.3/17.4/18.1 Due to a vulnerability in DDoS protection in Juniper Networks Junos OS and Junos OS Evolved on QFX5K Series switches in a VXLAN configuration, instability might be experienced in the underlay network as a consequence of exceeding the default ddos-protection aggregate threshold. | 7.4 |
| 2021-04-22 | CVE-2021-0250 | Unspecified vulnerability in Juniper Junos In segment routing traffic engineering (SRTE) environments where the BGP Monitoring Protocol (BMP) feature is enable, a vulnerability in the Routing Protocol Daemon (RPD) process of Juniper Networks Junos OS allows an attacker to send a specific crafted BGP update message causing the RPD service to core, creating a Denial of Service (DoS) Condition. | 7.5 |