Vulnerabilities > Juniper > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-17 | CVE-2023-28959 | Improper Check or Handling of Exceptional Conditions vulnerability in Juniper Junos An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on QFX10002 allows an unauthenticated, adjacent attacker on the local broadcast domain sending a malformed packet to the device, causing all PFEs other than the inbound PFE to wedge and to eventually restart, resulting in a Denial of Service (DoS) condition. | 6.5 |
| 2023-04-17 | CVE-2023-28961 | Unspecified vulnerability in Juniper Junos An Improper Handling of Unexpected Data Type vulnerability in IPv6 firewall filter processing of Juniper Networks Junos OS on the ACX Series devices will prevent a firewall filter with the term 'from next-header ah' from being properly installed in the packet forwarding engine (PFE). | 5.3 |
| 2023-04-17 | CVE-2023-28963 | Improper Authentication vulnerability in Juniper Junos An Improper Authentication vulnerability in cert-mgmt.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to read arbitrary files from temporary folders on the device. | 5.3 |
| 2023-04-17 | CVE-2023-28968 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Appid Service Sigpack, Jdpi-Decoder Engine and Junos An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep Packet Inspection-Decoder (JDPI-Decoder) Application Signature component of Junos OS's AppID service on SRX Series devices will stop the JDPI-Decoder from identifying dynamic application traffic, allowing an unauthenticated network-based attacker to send traffic to the target device using the JDPI-Decoder, designed to inspect dynamic application traffic and take action upon this traffic, to instead begin to not take action and to pass the traffic through. | 5.3 |
| 2023-04-17 | CVE-2023-28970 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing on the network interfaces of Juniper Networks Junos OS on JRR200 route reflector appliances allows an adjacent, network-based attacker sending a specific packet to the device to cause a kernel crash, resulting in a Denial of Service (DoS). | 6.5 |
| 2023-04-17 | CVE-2023-28972 | Link Following vulnerability in Juniper Junos An Improper Link Resolution Before File Access vulnerability in console port access of Juniper Networks Junos OS on NFX Series allows an attacker to bypass console access controls. | 6.8 |
| 2023-04-17 | CVE-2023-28974 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos An Improper Check for Unusual or Exceptional Conditions vulnerability in the bbe-smgd of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). | 6.5 |
| 2023-04-17 | CVE-2023-28975 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos An Unexpected Status Code or Return Value vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated attacker with physical access to the device to cause a Denial of Service (DoS). | 4.6 |
| 2023-01-13 | CVE-2023-22395 | Memory Leak vulnerability in Juniper Junos A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). | 6.5 |
| 2023-01-13 | CVE-2023-22397 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos OS Evolved An Allocation of Resources Without Limits or Throttling weakness in the memory management of the Packet Forwarding Engine (PFE) on Juniper Networks Junos OS Evolved PTX10003 Series devices allows an adjacently located attacker who has established certain preconditions and knowledge of the environment to send certain specific genuine packets to begin a Time-of-check Time-of-use (TOCTOU) Race Condition attack which will cause a memory leak to begin. | 6.1 |