Vulnerabilities > Juniper > Junos > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-11 CVE-2023-44186 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos
An Improper Handling of Exceptional Conditions vulnerability in AS PATH processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a BGP update message with an AS PATH containing a large number of 4-byte ASes, leading to a Denial of Service (DoS).
network
low complexity
juniper CWE-755
7.5
2023-07-14 CVE-2023-36835 Unspecified vulnerability in Juniper Junos
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX10000 Series allows a network based attacker to cause a Denial of Service (DoS). If a specific valid IP packet is received and that packet needs to be routed over a VXLAN tunnel, this will result in a PFE wedge condition due to which traffic gets impacted.
network
low complexity
juniper
7.5
2023-04-17 CVE-2023-28965 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos
An Improper Check or Handling of Exceptional Conditions within the storm control feature of Juniper Networks Junos OS allows an attacker sending a high rate of traffic to cause a Denial of Service.
network
low complexity
juniper CWE-754
7.5
2023-01-13 CVE-2023-22393 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos and Junos OS Evolved
An Improper Check for Unusual or Exceptional Conditions vulnerability in BGP route processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to cause Routing Protocol Daemon (RPD) crash by sending a BGP route with invalid next-hop resulting in a Denial of Service (DoS).
network
low complexity
juniper CWE-754
7.5
2023-01-13 CVE-2023-22401 Improper Validation of Array Index vulnerability in Juniper Junos and Junos OS Evolved
An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemon (aftmand) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).
network
low complexity
juniper CWE-129
7.5
2023-01-13 CVE-2023-22417 Memory Leak vulnerability in Juniper Junos
A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS).
network
low complexity
juniper CWE-401
7.5
2022-10-18 CVE-2022-22223 Improper Input Validation vulnerability in Juniper Junos
On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping (PHP) nodes with link aggregation group (LAG) interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packets to cause multiple interfaces in the LAG to detach causing a Denial of Service (DoS) condition.
network
low complexity
juniper CWE-20
7.5
2022-10-18 CVE-2022-22235 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based, attacker to cause Denial of Service (DoS).
network
low complexity
juniper CWE-754
7.5
2022-10-18 CVE-2022-22246 Inclusion of Functionality from Untrusted Control Sphere vulnerability in Juniper Junos
A PHP Local File Inclusion (LFI) vulnerability in the J-Web component of Juniper Networks Junos OS may allow a low-privileged authenticated attacker to execute an untrusted PHP file.
network
low complexity
juniper CWE-829
8.8
2022-07-20 CVE-2022-22205 Unspecified vulnerability in Juniper Junos
A Missing Release of Memory after Effective Lifetime vulnerability in the Application Quality of Experience (appqoe) subsystem of the PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated network based attacker to cause a Denial of Service (DoS).
network
low complexity
juniper
7.5