Vulnerabilities > Juniper > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-17 | CVE-2023-28983 | OS Command Injection vulnerability in Juniper Junos OS Evolved 21.4 An OS Command Injection vulnerability in gRPC Network Operations Interface (gNOI) server module of Juniper Networks Junos OS Evolved allows an authenticated, low privileged, network based attacker to inject shell commands and execute code. | 8.8 |
| 2023-04-17 | CVE-2023-28960 | Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Junos OS Evolved An Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Networks Junos OS Evolved allows a local, authenticated low-privileged attacker to copy potentially malicious files into an existing Docker container on the local system. | 8.2 |
| 2023-04-17 | CVE-2023-28964 | Unspecified vulnerability in Juniper Junos An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network based, unauthenticated attacker to cause an RPD crash leading to a Denial of Service (DoS). | 7.5 |
| 2023-04-17 | CVE-2023-28965 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos An Improper Check or Handling of Exceptional Conditions within the storm control feature of Juniper Networks Junos OS allows an attacker sending a high rate of traffic to cause a Denial of Service. | 7.5 |
| 2023-04-17 | CVE-2023-28966 | Incorrect Default Permissions vulnerability in Juniper Junos OS Evolved An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS Evolved allows a low-privileged local attacker with shell access to modify existing files or execute commands as root. | 7.8 |
| 2023-04-17 | CVE-2023-28967 | Use of Uninitialized Resource vulnerability in Juniper Junos and Junos OS Evolved A Use of Uninitialized Resource vulnerability in the Border Gateway Protocol (BGP) software of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to send specific genuine BGP packets to a device configured with BGP to cause a Denial of Service (DoS) by crashing the Routing Protocol Daemon (rpd). | 7.5 |
| 2023-04-17 | CVE-2023-28971 | Unspecified vulnerability in Juniper Paragon Active Assurance An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the timescaledb feature of Juniper Networks Paragon Active Assurance (PAA) (Formerly Netrounds) allows an attacker to bypass existing firewall rules and limitations used to restrict internal communcations. | 7.2 |
| 2023-04-17 | CVE-2023-28973 | Improper Authentication vulnerability in Juniper Junos OS Evolved An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks Junos OS Evolved allows a local, authenticated attacker to execute administrative commands that could impact the integrity of the system or system availability. | 7.1 |
| 2023-01-13 | CVE-2023-22391 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos A vulnerability in class-of-service (CoS) queue management in Juniper Networks Junos OS on the ACX2K Series devices allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). | 7.5 |
| 2023-01-13 | CVE-2023-22393 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos and Junos OS Evolved An Improper Check for Unusual or Exceptional Conditions vulnerability in BGP route processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to cause Routing Protocol Daemon (RPD) crash by sending a BGP route with invalid next-hop resulting in a Denial of Service (DoS). | 7.5 |