Juniper JUNOS 23.4 R1-S2

CPE Details

Juniper JUNOS 23.4 R1-S2
juniper
junos
23.4
2024-12-19
14h00 +00:00
2024-12-19
14h00 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*

Informations

Vendor

juniper

Product

junos

Version

23.4

Update

r1-s2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-21590 2025-03-12 13h59 +00:00 An Improper Isolation or Compartmentalization vulnerability in the kernel of Juniper Networks Junos OS allows a local attacker with high privileges to compromise the integrity of the device. A local attacker with access to the shell is able to inject arbitrary code which can compromise an affected device. This issue is not exploitable from the Junos CLI. This issue affects Junos OS:  * All versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10,  * 22.2 versions before 22.2R3-S6,  * 22.4 versions before 22.4R3-S6,  * 23.2 versions before 23.2R2-S3,  * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R1-S2, 24.2R2.
6.7
Medium
CVE-2024-39550 2024-07-11 16h29 +00:00 A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of Juniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause ( which can be done by repeated port flaps) to cause a slow memory leak, ultimately leading to a Denial of Service (DoS). Memory can only be recovered by manually restarting rtlogd process.  The memory usage can be monitored using the below command.     user@host> show system processes extensive | match rtlog  This issue affects Junos OS on MX Series with SPC3 line card:  * from 21.2R3 before 21.2R3-S8,  * from 21.4R2 before 21.4R3-S6,  * from 22.1 before 22.1R3-S5,  * from 22.2 before 22.2R3-S3,  * from 22.3 before 22.3R3-S2,  * from 22.4 before 22.4R3-S1,  * from 23.2 before 23.2R2,  * from 23.4 before 23.4R2.
7.1
High
CVE-2004-0468 2004-07-08 02h00 +00:00 Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows remote attackers to cause a denial of service (memory exhaustion and device reboot) via certain IPv6 packets.
5
CVE-2004-0230 2004-05-05 02h00 +00:00 TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
5
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.