Vulnerabilities in Juniper Networks

893 results
Vexday Analysis

With 893 CVEs catalogued and 7 confirmed as actively exploited in the CISA KEV, the exploitation rate for Juniper Networks devices is 1.7× above the overall catalogue average, which indicates elevated operational risk for organizations that depend on these solutions. The most critical CVE under active exploitation at the moment is CVE-2023-36846, with an EPSS score of 0.9421, a value that signals a very high probability of exploitation in the short term and should be the focus of immediate remediation efforts. The most recurrent flaw type, CWE-754 (improper check for exceptional conditions), points to a structural weakness in error handling that tends to manifest across multiple components. With 38 critical-severity CVEs, 4 with a public proof of concept available, and 27 vulnerabilities that emerged in the last 90 days, the recent pace of exposure demands continuous monitoring and active patch prioritization.

CVE-2024-21598 | HIGH | Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash | EPSS 0.6%
CVE-2017-10620 | HIGH | SRX Series: Antivirus updates are downloaded without verification | EPSS 0.6%
CVE-2022-22219 | MEDIUM | Junos OS and Junos OS Evolved: RPD core upon receipt of a specific EVPN route by a BGP route reflector in an EVPN environment | EPSS 0.6%
CVE-2023-22396 | HIGH | Junos OS: Receipt of crafted TCP packets destined to the device results in MBUF leak leading to a Denial of Service (DoS) | EPSS 0.6%
CVE-2023-28968 | MEDIUM | Junos OS: SRX Series: Policies that rely on JDPI-Decoder actions may fail open | EPSS 0.6%
CVE-2024-47490 | HIGH | Junos OS Evolved: ACX 7000 Series: Receipt of specific transit MPLS packets causes resources to be exhausted | EPSS 0.6%
CVE-2018-0029 | MEDIUM | Junos OS: Kernel crash (vmcore) during broadcast storm after enabling 'monitor traffic interface fxp0' | EPSS 0.6%
CVE-2023-28962 | MEDIUM | Junos OS: Unauthenticated access vulnerability in J-Web | EPSS 0.6%
CVE-2025-59978 | CRITICAL | Junos Space: Stored cross-site scripting vulnerability in web application | EPSS 0.6%
CVE-2022-22227 | MEDIUM | Junos OS Evolved: ACX7000 Series: Specific IPv6 transit traffic gets exceptioned to the routing-engine which causes increased CPU utilization | EPSS 0.6%
CVE-2021-0247 | MEDIUM | Junos OS: PTX Series, QFX Series: Due to a race condition input loopback firewall filters applied to interfaces may not operate even when listed in the running configuration. | EPSS 0.6%
CVE-2024-21606 | HIGH | Junos OS: SRX Series: When "tcp-encap" is configured and specific packets are received flowd will crash | EPSS 0.6%
CVE-2022-22156 | MEDIUM | Junos OS: Certificate validation is skipped when fetching system scripts from a HTTPS URL | EPSS 0.5%
CVE-2023-36843 | HIGH | Junos OS: SRX Series: The PFE will crash on receiving malformed SSL traffic when Sky ATP is enabled | EPSS 0.5%
CVE-2021-0253 | HIGH | Junos OS: NFX Series: Local Command Execution Vulnerability in JDMD Leads to Privilege Escalation | EPSS 0.5%
CVE-2024-30395 | HIGH | Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash | EPSS 0.5%
CVE-2024-21596 | MEDIUM | Junos OS and Junos OS Evolved: A specific BGP UPDATE message will cause a crash in the backup Routing Engine in NSR-enabled devices | EPSS 0.5%
CVE-2022-22215 | MEDIUM | Junos OS and Junos OS Evolved: /var/run/<pid>.env files are potentially not deleted during termination of a gRPC connection causing inode exhaustion | EPSS 0.5%
CVE-2023-44199 | HIGH | Junos OS: MX Series: In a PTP scenario a prolonged routing protocol churn can trigger an FPC reboot | EPSS 0.5%
CVE-2024-21595 | HIGH | Junos OS: EX4100, EX4400, EX4600, QFX5000 Series: A high rate of specific ICMP traffic will cause the PFE to hang | EPSS 0.5%