Vulnerabilities > Juniper > High

DATE CVE VULNERABILITY TITLE RISK
2022-01-19 CVE-2022-22153 Unspecified vulnerability in Juniper Junos
An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network attacker to cause latency in transit packet processing and even packet loss.
network
low complexity
juniper
7.5
2022-01-19 CVE-2022-22156 Unspecified vulnerability in Juniper Junos
An Improper Certificate Validation weakness in the Juniper Networks Junos OS allows an attacker to perform Person-in-the-Middle (PitM) attacks when a system script is fetched from a remote source at a specified HTTPS URL, which may compromise the integrity and confidentiality of the device.
network
high complexity
juniper
7.4
2022-01-19 CVE-2022-22159 Unspecified vulnerability in Juniper Junos
A vulnerability in the NETISR network queue functionality of Juniper Networks Junos OS kernel allows an attacker to cause a Denial of Service (DoS) by sending crafted genuine packets to a device.
network
low complexity
juniper
7.5
2022-01-19 CVE-2022-22161 Unspecified vulnerability in Juniper Junos
An Uncontrolled Resource Consumption vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause 100% CPU load and the device to become unresponsive by sending a flood of traffic to the out-of-band management ethernet port.
network
low complexity
juniper
7.5
2022-01-19 CVE-2022-22162 Unspecified vulnerability in Juniper Junos
A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to elevate these to the level of any other user logged in via J-Web at this time, potential leading to a full compromise of the device.
local
low complexity
juniper
7.8
2022-01-19 CVE-2022-22170 Unspecified vulnerability in Juniper Junos
A Missing Release of Resource after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause heap memory to leak and on exhaustion the PFE to reset.
network
low complexity
juniper
7.5
2022-01-19 CVE-2022-22171 Unspecified vulnerability in Juniper Junos
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause the PFE to reset.
network
low complexity
juniper
7.5
2022-01-19 CVE-2022-22173 Unspecified vulnerability in Juniper Junos
A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service (DoS).
network
low complexity
juniper
7.5
2022-01-19 CVE-2022-22174 Unspecified vulnerability in Juniper Junos
A vulnerability in the processing of inbound IPv6 packets in Juniper Networks Junos OS on QFX5000 Series and EX4600 switches may cause the memory to not be freed, leading to a packet DMA memory leak, and eventual Denial of Service (DoS) condition.
network
low complexity
juniper
7.5
2022-01-19 CVE-2022-22175 Unspecified vulnerability in Juniper Junos
An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated networked attacker to cause a flowprocessing daemon (flowd) crash and thereby a Denial of Service (DoS).
network
low complexity
juniper
7.5