Vulnerabilities > Juniper > Junos OS Evolved > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-14 | CVE-2022-22197 | Operation on a Resource after Expiration or Release vulnerability in Juniper Junos and Junos OS Evolved An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service (DoS). | 4.3 |
| 2022-01-19 | CVE-2022-22164 | Improper Initialization vulnerability in Juniper Junos OS Evolved 20.4/21.1/21.2 An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit operation for disabling the telnet service to not take effect as expected, resulting in the telnet service staying enabled. | 5.0 |
| 2022-01-19 | CVE-2022-22169 | Improper Initialization vulnerability in Juniper Junos 15.1 An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart (GR helper mode) even though there is not any Grace-LSA received in OSPFv3 causing a Denial of Service (DoS). | 4.3 |
| 2022-01-19 | CVE-2022-22177 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos 12.3/15.1 A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daemon causing a sustained Denial of Service (DoS) to the service until it is manually restarted. | 5.0 |
| 2021-10-19 | CVE-2021-0297 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos OS Evolved 20.3/20.4/21.1 A vulnerability in the processing of TCP MD5 authentication in Juniper Networks Junos OS Evolved may allow a BGP or LDP session configured with MD5 authentication to succeed, even if the peer does not have TCP MD5 authentication enabled. | 6.4 |
| 2021-10-19 | CVE-2021-0298 | Race Condition vulnerability in Juniper Junos OS Evolved A Race Condition in the 'show chassis pic' command in Juniper Networks Junos OS Evolved may allow an attacker to crash the port interface concentrator daemon (picd) process on the FPC, if the command is executed coincident with other system events outside the attacker's control, leading to a Denial of Service (DoS) condition. | 4.0 |
| 2021-10-19 | CVE-2021-31353 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos and Junos OS Evolved An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an attacker to inject a specific BGP update, causing the routing protocol daemon (RPD) to crash and restart, leading to a Denial of Service (DoS). | 5.0 |
| 2021-10-19 | CVE-2021-31354 | Out-of-bounds Read vulnerability in Juniper Junos An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager) may allow an attacker to cause a partial Denial of Service (DoS), or lead to remote code execution (RCE). | 5.4 |
| 2021-10-19 | CVE-2021-31374 | Unspecified vulnerability in Juniper Junos 17.3/17.4/18.1 On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE or KEEPALIVE message can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). | 5.0 |
| 2021-10-19 | CVE-2021-31383 | Out-of-bounds Write vulnerability in Juniper Junos In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved sent by a remote unauthenticated network attacker causes the RPD to crash causing a Denial of Service (DoS). | 4.3 |