Vulnerabilities > Juniper > Junos OS Evolved > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-20 | CVE-2022-22213 | Unspecified vulnerability in Juniper Junos and Junos OS Evolved A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to crash the RPD process by sending a specific BGP update while the system is under heavy load, leading to a Denial of Service (DoS). | 5.9 |
| 2022-07-20 | CVE-2022-22214 | Improper Input Validation vulnerability in Juniper Junos An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent attacker to cause a PFE crash and thereby a Denial of Service (DoS). | 6.5 |
| 2022-07-20 | CVE-2022-22215 | Missing Release of Resource after Effective Lifetime vulnerability in Juniper Junos A Missing Release of File Descriptor or Handle after Effective Lifetime vulnerability in plugable authentication module (PAM) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). | 5.5 |
| 2022-04-14 | CVE-2022-22193 | Improper Handling of Unexpected Data Type vulnerability in Juniper Junos and Junos OS Evolved An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). | 5.5 |
| 2022-04-14 | CVE-2022-22196 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos and Junos OS Evolved An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker with an established ISIS adjacency to cause a Denial of Service (DoS). | 6.5 |
| 2022-01-19 | CVE-2022-22164 | Improper Initialization vulnerability in Juniper Junos OS Evolved 20.4/21.1/21.2 An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit operation for disabling the telnet service to not take effect as expected, resulting in the telnet service staying enabled. | 5.3 |
| 2022-01-19 | CVE-2022-22169 | Improper Initialization vulnerability in Juniper Junos 15.1/18.3 An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart (GR helper mode) even though there is not any Grace-LSA received in OSPFv3 causing a Denial of Service (DoS). | 5.9 |
| 2022-01-19 | CVE-2022-22172 | Memory Leak vulnerability in Juniper Junos and Junos OS Evolved A Missing Release of Memory after Effective Lifetime vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a memory leak. | 6.5 |
| 2021-10-19 | CVE-2021-0297 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos OS Evolved 20.3/20.4/21.1 A vulnerability in the processing of TCP MD5 authentication in Juniper Networks Junos OS Evolved may allow a BGP or LDP session configured with MD5 authentication to succeed, even if the peer does not have TCP MD5 authentication enabled. | 6.5 |
| 2021-10-19 | CVE-2021-0298 | Race Condition vulnerability in Juniper Junos OS Evolved A Race Condition in the 'show chassis pic' command in Juniper Networks Junos OS Evolved may allow an attacker to crash the port interface concentrator daemon (picd) process on the FPC, if the command is executed coincident with other system events outside the attacker's control, leading to a Denial of Service (DoS) condition. | 4.7 |