296,138
Total vulnerabilities in the database
An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of Juniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allows an unauthenticated, network-based attacker, sending genuine traffic targeted to the device to cause the CPU to climb until the device becomes unresponsive.
Continuous receipt of these packets will create a sustained Denial of Service (DoS) condition.
This issue affects Junos OS:
An indicator of compromise is to review the CPU % of the httpd process in the CLI: e.g. show system processes extensive | match httpd PID nobody 52 0 20M 191M select 2 0:01 80.00% httpd{httpd} <<<<< the percentage of httpd usage if high may be an indicator
| Software | From | Fixed in |
|---|---|---|
| juniper / junos | 21.4-r1-s1 | 21.4-r1-s1.x |
| juniper / junos | 21.4-r1 | 21.4-r1.x |
| juniper / junos | 21.4-r1-s2 | 21.4-r1-s2.x |
| juniper / junos | 21.4-r2 | 21.4-r2.x |
| juniper / junos | 21.4-r2-s1 | 21.4-r2-s1.x |
| juniper / junos | 21.4-r3 | 21.4-r3.x |
| juniper / junos | 22.2-r1 | 22.2-r1.x |
| juniper / junos | 22.2-r1-s1 | 22.2-r1-s1.x |
| juniper / junos | 22.2-r2 | 22.2-r2.x |
| juniper / junos | 22.2-r1-s2 | 22.2-r1-s2.x |
| juniper / junos | 22.2-r2-s1 | 22.2-r2-s1.x |
| juniper / junos | 22.4-r1 | 22.4-r1.x |
| juniper / junos | 22.2-r2-s2 | 22.2-r2-s2.x |
| juniper / junos | 22.2-r3 | 22.2-r3.x |
| juniper / junos | 21.4-r2-s2 | 21.4-r2-s2.x |
| juniper / junos | 21.4-r3-s1 | 21.4-r3-s1.x |
| juniper / junos | 21.4-r3-s2 | 21.4-r3-s2.x |
| juniper / junos | 21.4-r3-s3 | 21.4-r3-s3.x |
| juniper / junos | 22.4-r1-s1 | 22.4-r1-s1.x |
| juniper / junos | 22.4-r1-s2 | 22.4-r1-s2.x |
| juniper / junos | 22.4-r2 | 22.4-r2.x |
| juniper / junos | 22.2-r3-s1 | 22.2-r3-s1.x |
| juniper / junos | 22.2-r3-s2 | 22.2-r3-s2.x |
| juniper / junos | 22.4-r3 | 22.4-r3.x |
| juniper / junos | 22.4-r2-s2 | 22.4-r2-s2.x |
| juniper / junos | 22.4-r2-s1 | 22.4-r2-s1.x |
| juniper / junos | 23.2-r1-s1 | 23.2-r1-s1.x |
| juniper / junos | 23.2-r1 | 23.2-r1.x |
| juniper / junos | 22.2-r3-s3 | 22.2-r3-s3.x |
| juniper / junos | 22.2 | 22.2.x |
| juniper / junos | 22.4-r3-s2 | 22.4-r3-s2.x |
| juniper / junos | 22.4-r3-s1 | 22.4-r3-s1.x |
| juniper / junos | 22.4 | 22.4.x |
| juniper / junos | 23.2-r1-s2 | 23.2-r1-s2.x |
| juniper / junos | 23.2 | 23.2.x |
| juniper / junos | 23.4-r1-s1 | 23.4-r1-s1.x |
| juniper / junos | 23.4-r1 | 23.4-r1.x |
| juniper / junos | 23.4 | 23.4.x |
| juniper / junos | 21.4-r3-s4 | 21.4-r3-s4.x |
| juniper / junos | 21.4-r3-s5 | 21.4-r3-s5.x |
| juniper / junos | 21.4-r3-s6 | 21.4-r3-s6.x |
| juniper / junos | 21.4-r3-s7 | 21.4-r3-s7.x |
| juniper / junos | 22.2-r3-s4 | 22.2-r3-s4.x |
| juniper / junos | 22.4-r3-s3 | 22.4-r3-s3.x |
| juniper / junos | 23.2-r2-s2 | 23.2-r2-s2.x |
| juniper / junos | 23.2-r2-s1 | 23.2-r2-s1.x |
| juniper / junos | 23.2-r2 | 23.2-r2.x |
| juniper / junos | 23.4-r1-s2 | 23.4-r1-s2.x |
| juniper / junos | 24.2-r1 | 24.2-r1.x |
| juniper / junos | 24.2 | 24.2.x |
| juniper / junos | 23.4-r2-s2 | 23.4-r2-s2.x |
| juniper / junos | 23.4-r2-s1 | 23.4-r2-s1.x |
| juniper / junos | 23.4-r2 | 23.4-r2.x |
| juniper / junos | 21.4-r3-s8 | 21.4-r3-s8.x |
| juniper / junos | - | 21.4.x |