Juniper Networks Junos OS and Junos OS Evolved Out-of-Bounds Read Vulnerability in BGP Routing Protocol Daemon Allowing RPD Crash

Vulnerability

An out-of-bounds read vulnerability has been identified in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved. It allows an unauthenticated, network-based attacker to crash RPD by sending malformed BGP packets to a device that has packet receive trace options enabled. The issue affects multiple Junos OS and Junos OS Evolved versions, requires an established BGP session, and can propagate through multiple ASes, impacting both iBGP and eBGP for IPv4 and IPv6.

Impact

Exploitation of this vulnerability leads to a crash of the routing protocol daemon (RPD), disrupting BGP operations on the affected device.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 6.8
impact: 2.5
exploitability: 7.0
remediation: 8.3
relevance: 0.0
threat: 0.0
urgency: 5.7
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.