Vulnerabilities in Juniper Networks

893 results
Vexday analysis

With 893 CVEs catalogued and 7 confirmed as actively exploited in the CISA KEV, the exploitation rate for Juniper Networks devices is 1.7× above the overall catalogue average, which indicates elevated operational risk for organizations that depend on these products. The most critical CVE under active exploitation at the moment is CVE-2023-36846, with an EPSS score of 0.9421, a value that signals a very high probability of exploitation in the short term and should be the focus of immediate remediation efforts. The most frequent weakness type, CWE-754 (improper check for exceptional conditions), points to a structural fragility in error handling that tends to show up across multiple components. With 38 CVEs of critical severity, 4 with a publicly available proof of concept, and 27 vulnerabilities that appeared in the last 90 days, the pace of recent exposure calls for continuous monitoring and active patch prioritization.

CVE-2022-22240 | MEDIUM | Junos OS and Junos OS Evolved: An rpd memory leak might be observed while running a specific cli command in a RIB sharding scenario | EPSS 0.2%
CVE-2021-31377 | MEDIUM | Junos OS: A local authenticated attacker can cause RPD to core | EPSS 0.2%
CVE-2025-30648 | HIGH | Junos OS and Junos OS Evolved: Receipt of a specifically malformed DHCP packet causes jdhcpd process to crash | EPSS 0.2%
CVE-2019-0071 | HIGH | Junos OS: EX2300, EX3400 Series: Veriexec signature checking not enforced in specific versions of Junos OS | EPSS 0.2%
CVE-2023-36840 | MEDIUM | Junos OS and Junos OS Evolved: An rpd crash occurs when a specific L2VPN command is run | EPSS 0.2%
CVE-2025-59967 | HIGH | Junos OS Evolved: ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509: When specific valid multicast traffic is received on the L3 interface on a vulnerable device evo-pfemand crashes and restarts | EPSS 0.2%
CVE-2026-33774 | MEDIUM | Junos OS: MX Series: Firewall filters on lo0.<non-0> in the default routing instance are not in effect | EPSS 0.2%
CVE-2024-39546 | HIGH | Junos OS Evolved: Local low-privilege user can gain root permissions leading to privilege escalation | EPSS 0.2%
CVE-2022-22248 | HIGH | Junos OS Evolved: Incorrect file permissions can allow low-privileged user to cause another user to execute arbitrary commands | EPSS 0.2%
CVE-2023-22397 | MEDIUM | Junos OS Evolved: PTX10003: An attacker sending specific genuine packets will cause a memory leak in the PFE leading to a Denial of Service | EPSS 0.2%
CVE-2026-21907 | HIGH | Junos Space: TLS/SSL server supports use of static key ciphers (ssl-static-key-ciphers) | EPSS 0.2%
CVE-2023-44189 | MEDIUM | Junos OS Evolved: PTX10003 Series: MAC address validation bypass vulnerability | EPSS 0.2%
CVE-2025-59969 | HIGH | Junos OS Evolved: QFX5000 Series and PTX Series: An attacker sending crafted multicast packets will cause evo-aftmand / evo-pfemand to crash and restart | EPSS 0.2%
CVE-2024-30378 | MEDIUM | Junos OS: MX Series: bbe-smgd process crash upon execution of specific CLI commands | EPSS 0.2%
CVE-2022-22239 | HIGH | Junos OS Evolved: The ssh CLI command always runs as root which can lead to privilege escalation | EPSS 0.2%
CVE-2023-36838 | MEDIUM | Junos OS: SRX Series: A flowd core occurs when running a low privileged CLI command | EPSS 0.2%
CVE-2023-22409 | MEDIUM | Junos OS: SRX Series, MX Series with SPC3: When an inconsistent NAT configuration exists and a specific CLI command is issued the SPC will reboot | EPSS 0.2%
CVE-2022-22234 | MEDIUM | Junos OS: EX2300 and EX3400 Series: One of more SFPs might become unavailable when the system is very busy | EPSS 0.2%
CVE-2026-33780 | HIGH | Junos OS and Junos OS Evolved: In an EVPN-MPLS scenario churn of ESI routes causes a memory leak in l2ald | EPSS 0.2%
CVE-2024-21594 | MEDIUM | Junos OS: SRX 5000 Series: Repeated execution of a specific CLI command causes a flowd crash | EPSS 0.2%