Vulnerabilities > Juniper > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-18 | CVE-2022-22223 | Improper Input Validation vulnerability in Juniper Junos On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping (PHP) nodes with link aggregation group (LAG) interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packets to cause multiple interfaces in the LAG to detach causing a Denial of Service (DoS) condition. | 7.5 |
| 2022-10-18 | CVE-2022-22235 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based, attacker to cause Denial of Service (DoS). | 7.5 |
| 2022-10-18 | CVE-2022-22239 | Improper Privilege Management vulnerability in Juniper Junos OS Evolved An Execution with Unnecessary Privileges vulnerability in Management Daemon (mgd) of Juniper Networks Junos OS Evolved allows a locally authenticated attacker with low privileges to escalate their privileges on the device and potentially remote systems. | 8.8 |
| 2022-10-18 | CVE-2022-22246 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Juniper Junos A PHP Local File Inclusion (LFI) vulnerability in the J-Web component of Juniper Networks Junos OS may allow a low-privileged authenticated attacker to execute an untrusted PHP file. | 8.8 |
| 2022-07-20 | CVE-2022-22205 | Unspecified vulnerability in Juniper Junos A Missing Release of Memory after Effective Lifetime vulnerability in the Application Quality of Experience (appqoe) subsystem of the PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated network based attacker to cause a Denial of Service (DoS). | 7.5 |
| 2022-07-20 | CVE-2022-22206 | Unspecified vulnerability in Juniper Junos A Buffer Overflow vulnerability in the PFE of Juniper Networks Junos OS on SRX series allows an unauthenticated network based attacker to cause a Denial of Service (DoS). | 7.5 |
| 2022-07-20 | CVE-2022-22207 | Unspecified vulnerability in Juniper Junos A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). | 7.5 |
| 2022-07-20 | CVE-2022-22209 | Unspecified vulnerability in Juniper Junos 21.2/21.3/21.4 A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a Denial of Service (DoS). | 7.5 |
| 2022-07-20 | CVE-2022-22212 | Unspecified vulnerability in Juniper Junos OS Evolved 21.2/21.3 An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows unauthenticated network based attacker to cause a Denial of Service (DoS). | 7.5 |
| 2022-07-20 | CVE-2022-22221 | Unspecified vulnerability in Juniper Junos An Improper Neutralization of Special Elements vulnerability in the download manager of Juniper Networks Junos OS on SRX Series and EX Series allows a locally authenticated attacker with low privileges to take full control over the device. | 7.8 |