8.7
CVE-2024-30397 - Junos OS: An invalid certificate causes a Denial of Service in the Internet Key Exchange (IKE) proc…
An Improper Check for Unusual or Exceptional Conditions vulnerability in the the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service (DoS). The pkid is responsible for the certificate verification. Upon a fail…
6.3
CVE-2024-30391 - Junos OS: MX Series with SPC3, and SRX Series: When IPsec authentication is configured with "hmac-s…
A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated network-based attacker to cause limited impact to the integrity or availability of the device. If a devic…
6.9
CVE-2024-30390 - Junos OS Evolved: Connection limits is not being enforced while the resp. rate limit is being enfor…
An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited Denial of Service (DoS) to the management plane. When an incoming connection was blocked because it exceeded the conn…
6.9
CVE-2024-30389 - Junos OS: EX4300 Series: Firewall filter not blocking egress traffic
An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to…
7.1
CVE-2024-30386 - Junos OS and Junos OS Evolved: In a EVPN-VXLAN scenario state changes on adjacent systems can cause…
A Use-After-Free vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause l2ald to crash leading to a Denial-of-Service (DoS). In an EVPN-VXLAN scenario, when state updates are received …
6.8
CVE-2024-30384 - Junos OS: EX4300 Series: If a specific CLI command is issued PFE crashes will occur
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows a locally authenticated attacker with low privileges to cause a Denial-of-Service (Dos). If a specific CLI command is issued, a PFE crash…
8.7
CVE-2024-30382 - Junos OS and Junos OS Evolved: RPD crash when CoS-based forwarding (CBF) policy is configured
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to send a specific routing update, causing an rpd core due to memory corruption, leading to a Denial o…
9.6
CVE-2024-28878 - IOSIX IO-1020 Micro ELD Download of Code Without Integrity Check
IO-1020 Micro ELD downloads source code or an executable from an adjacent location and executes the code without sufficiently verifying the origin or integrity of the code.
7.1
CVE-2024-30387 - Junos OS: ACX5448 & ACX710: Due to interface flaps the PFE process can crash
A Missing Synchronization vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on ACX5448 and ACX710 allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). If an interface flaps while the system gathers statistics on that interface, two process…
7.4
CVE-2024-31069 - IOSIX IO-1020 Micro ELD Use of Default Credentials
IO-1020 Micro ELD web server uses a default password for authentication.