Vulnerabilities > Juniper > Junos > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-10-18 CVE-2022-22219 Unspecified vulnerability in Juniper Junos and Junos OS Evolved
Due to the Improper Handling of an Unexpected Data Type in the processing of EVPN routes on Juniper Networks Junos OS and Junos OS Evolved, an attacker in direct control of a BGP client connected to a route reflector, or via a machine in the middle (MITM) attack, can send a specific EVPN route contained within a BGP Update, triggering a routing protocol daemon (RPD) crash, leading to a Denial of Service (DoS) condition.
network
high complexity
juniper
5.9
2022-10-18 CVE-2022-22220 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Juniper Junos
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS, Junos OS Evolved allows a network-based unauthenticated attacker to cause a Denial of Service (DoS).
network
high complexity
juniper CWE-367
5.9
2022-10-18 CVE-2022-22224 Unspecified vulnerability in Juniper Junos
An Improper Check or Handling of Exceptional Conditions vulnerability in the processing of a malformed OSPF TLV in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause the periodic packet management daemon (PPMD) process to go into an infinite loop, which in turn can cause protocols and functions reliant on PPMD such as OSPF neighbor reachability to be impacted, resulting in a sustained Denial of Service (DoS) condition.
low complexity
juniper
6.5
2022-10-18 CVE-2022-22225 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Juniper Junos
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated attacker with an established BGP session to cause a Denial of Service (DoS).
network
high complexity
juniper CWE-367
5.9
2022-10-18 CVE-2022-22226 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos
In VxLAN scenarios on EX4300-MP, EX4600, QFX5000 Series devices an Uncontrolled Memory Allocation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated adjacently located attacker sending specific packets to cause a Denial of Service (DoS) condition by crashing one or more PFE's when they are received and processed by the device.
low complexity
juniper CWE-770
6.5
2022-10-18 CVE-2022-22230 Improper Input Validation vulnerability in Juniper Junos
An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause DoS (Denial of Service).
low complexity
juniper CWE-20
6.5
2022-10-18 CVE-2022-22233 Unchecked Return Value vulnerability in Juniper Junos and Junos OS Evolved
An Unchecked Return Value to NULL Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS).
local
low complexity
juniper CWE-252
5.5
2022-10-18 CVE-2022-22234 Unspecified vulnerability in Juniper Junos
An Improper Preservation of Consistency Between Independent Representations of Shared State vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS).
local
low complexity
juniper
5.5
2022-10-18 CVE-2022-22237 Improper Authentication vulnerability in Juniper Junos
An Improper Authentication vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause an impact on confidentiality or integrity.
network
low complexity
juniper CWE-287
6.5
2022-10-18 CVE-2022-22238 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).
low complexity
juniper CWE-754
6.5