Vulnerabilities in Juniper Networks

893 results
Vexday analysis

With 893 CVEs catalogued and 7 confirmed as actively exploited in the CISA KEV, the exploitation rate for Juniper Networks devices is 1.7× above the overall catalogue average, which indicates elevated operational risk for organizations that depend on these solutions. The most critical CVE currently under active exploitation is CVE-2023-36846, with an EPSS score of 0.9421, a value that signals a very high probability of exploitation in the short term and should be the focus of immediate remediation efforts. The most recurrent flaw type, CWE-754 (improper check for exceptional conditions), points to a structural weakness in error handling that tends to surface across multiple components. With 38 critical-severity CVEs, 4 with a public proof of concept available, and 27 vulnerabilities that appeared in the last 90 days, the recent pace of exposure calls for continuous monitoring and active patch prioritization.

CVE-2021-0228 | MEDIUM | Junos OS: MX Series: DDoS LACP violation upon receipt of specific layer 2 frames in EVPN-VXLAN deployment | EPSS 0.4%
CVE-2021-0257 | MEDIUM | Junos OS: MX Series, EX9200 Series: Trio-based MPCs memory leak in VPLS with integrated routing and bridging (IRB) interface | EPSS 0.4%
CVE-2021-0241 | HIGH | Junos OS: Receipt of specific DHCPv6 packet may cause jdhcpd to crash and restart | EPSS 0.4%
CVE-2022-22155 | MEDIUM | Junos OS: ACX5448: FPC memory leak due to IPv6 neighbor flaps | EPSS 0.4%
CVE-2019-0035 | MEDIUM | Junos OS: 'set system ports console insecure' allows root password recovery on OAM volumes | EPSS 0.4%
CVE-2024-39553 | MEDIUM | Junos OS Evolved: Receipt of arbitrary data when sampling service is enabled, leads to partial Denial of Service (DoS). | EPSS 0.4%
CVE-2024-39559 | HIGH | Junos OS Evolved: Receipt of a specific TCP packet may result in a system crash (vmcore) on dual RE systems with NSR enabled | EPSS 0.4%
CVE-2023-44195 | MEDIUM | Junos OS Evolved: Packets which are not destined to the router can reach the RE | EPSS 0.4%
CVE-2021-0240 | HIGH | Junos OS: Receipt of malformed DHCPv6 packets causes jdhcpd to crash and restart. | EPSS 0.4%
CVE-2022-22237 | MEDIUM | Junos OS: Peers not configured for TCP-AO can establish a BGP or LDP session even if authentication is configured locally | EPSS 0.4%
CVE-2019-0070 | HIGH | Junos OS: NFX Series: An Improper Input Validation weakness allows a malicious local attacker to elevate their permissions. | EPSS 0.4%
CVE-2022-22168 | MEDIUM | Junos OS: vMX and MX150: Specific packets might cause a memory leak and eventually an FPC reboot | EPSS 0.4%
CVE-2021-31363 | MEDIUM | Junos OS and Junos OS Evolved: Receipt of a specific LDP message will cause a Denial of Service | EPSS 0.4%
CVE-2025-52984 | HIGH | Junos OS and Junos OS Evolved: When a static route points to a reject next-hop and a gNMI query for this route is processed, RPD crashes | EPSS 0.4%
CVE-2024-39564 | HIGH | Junos OS and Junos OS Evolved: Receipt of malformed BGP path attributes leads to RPD crash | EPSS 0.4%
CVE-2021-31367 | MEDIUM | Junos OS: PTX Series: An FPC heap memory leak will be triggered by certain Flowspec route operations which can lead to an FPC crash | EPSS 0.4%
CVE-2021-31365 | MEDIUM | Junos OS: EX2300, EX3400 and EX4300 Series: An Aggregated Ethernet (AE) interface will go down due to a stream of specific layer 2 frames | EPSS 0.4%
CVE-2025-60004 | HIGH | Junos OS and Junos OS Evolved: Specific BGP EVPN update message causes rpd crash | EPSS 0.4%
CVE-2021-0223 | HIGH | Junos OS: telnetd.real Local Privilege Escalation vulnerabilities in SUID binaries | EPSS 0.4%
CVE-2021-0259 | HIGH | Junos OS and Junos OS Evolved: QFX5K Series: Underlay network traffic might not be processed upon receipt of high rate of specific genuine overlay packets in VXLAN scenario | EPSS 0.4%