Vulnerabilities > Juniper > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-20 | CVE-2022-22213 | Unspecified vulnerability in Juniper Junos and Junos OS Evolved A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to crash the RPD process by sending a specific BGP update while the system is under heavy load, leading to a Denial of Service (DoS). | 5.9 |
| 2022-07-20 | CVE-2022-22214 | Unspecified vulnerability in Juniper Junos An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent attacker to cause a PFE crash and thereby a Denial of Service (DoS). low complexity juniper | 6.5 |
| 2022-07-20 | CVE-2022-22215 | Missing Release of Resource after Effective Lifetime vulnerability in Juniper Junos A Missing Release of File Descriptor or Handle after Effective Lifetime vulnerability in plugable authentication module (PAM) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). | 5.5 |
| 2022-07-20 | CVE-2022-22216 | Unspecified vulnerability in Juniper Junos An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the PFE of Juniper Networks Junos OS on PTX Series and QFX10k Series allows an adjacent unauthenticated attacker to gain access to sensitive information. low complexity juniper | 4.3 |
| 2022-07-20 | CVE-2022-22217 | Unspecified vulnerability in Juniper Junos An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS). low complexity juniper | 6.5 |
| 2022-04-14 | CVE-2022-22181 | Unspecified vulnerability in Juniper Junos A reflected Cross-site Scripting (XSS) vulnerability in J-Web of Juniper Networks Junos OS allows a network-based authenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web. | 5.4 |
| 2022-04-14 | CVE-2022-22182 | Unspecified vulnerability in Juniper Junos A Cross-site Scripting (XSS) vulnerability in Juniper Networks Junos OS J-Web allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's permissions, including an administrator. | 6.1 |
| 2022-04-14 | CVE-2022-22186 | Unspecified vulnerability in Juniper Junos Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface (em0) but not destined to the device, may be improperly forwarded to an egress interface, instead of being discarded. | 6.5 |
| 2022-04-14 | CVE-2022-22191 | Resource Exhaustion vulnerability in Juniper Junos A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in Juniper Networks Junos OS on the EX4300 switch, sent from the local broadcast domain, may allow an unauthenticated network-adjacent attacker to trigger a PFEMAN watchdog timeout, causing the Packet Forwarding Engine (PFE) to crash and restart. | 6.5 |
| 2022-04-14 | CVE-2022-22193 | Unspecified vulnerability in Juniper Junos and Junos OS Evolved An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). | 5.5 |