Vulnerabilities in Juniper Networks

893 results
Vexday Analysis

With 893 CVEs catalogued and 7 confirmed as actively exploited in the CISA KEV, the exploitation rate of Juniper Networks devices is 1.7× above the overall catalogue average, which indicates elevated operational risk for organizations that depend on these solutions. The most critical CVE under active exploitation at the moment is CVE-2023-36846, with an EPSS score of 0.9421, a value that signals a very high probability of exploitation in the short term and should be the focus of immediate remediation efforts. The most recurrent flaw type, CWE-754 (improper check for exceptional conditions), points to a structural weakness in error handling that tends to manifest across multiple components. With 38 critical-severity CVEs, 4 with a publicly available proof of concept, and 27 vulnerabilities that emerged in the last 90 days, the recent pace of exposure demands continuous monitoring and active patch prioritization.

CVE-2024-39562 | HIGH | Junos OS Evolved: A high rate of SSH connections causes a Denial of Service | EPSS 0.4%
CVE-2024-39516 | HIGH | Junos OS and Junos OS Evolved: With certain BGP options enabled, receipt of specifically malformed BGP update causes RPD crash | EPSS 0.4%
CVE-2024-21589 | HIGH | Paragon Active Assurance Control Center: Information disclosure vulnerability | EPSS 0.4%
CVE-2022-22208 | MEDIUM | Junos OS and Junos OS Evolved: An rpd crash can occur due to memory corruption caused by flapping BGP sessions | EPSS 0.4%
CVE-2017-10602 | HIGH | Junos OS: buffer overflow vulnerability in Junos CLI | EPSS 0.4%
CVE-2024-39518 | HIGH | Junos OS: MX240, MX480, MX960 platforms using MPC10E: Memory leak will be observed when subscribed to a specific subscription on Junos Telemetry Interface | EPSS 0.4%
CVE-2021-0272 | MEDIUM | Junos OS: QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016: In EVPN-VXLAN scenarios receipt of specific genuine packets by an adjacent attacker will cause a kernel memory leak in FPC. | EPSS 0.4%
CVE-2020-1677 | HIGH | Juniper Networks Mist Cloud UI: SAML authentication attribute elements handling vulnerability. | EPSS 0.4%
CVE-2023-28961 | MEDIUM | Junos OS: ACX Series: IPv6 firewall filter is not installed in PFE when "from next-header ah" is used | EPSS 0.4%
CVE-2025-60011 | MEDIUM | Junos OS and Junos OS Evolved: Optional transitive BGP attribute is modified before propagation to peers causing sessions to flap | EPSS 0.4%
CVE-2021-31370 | MEDIUM | Junos OS: QFX5000 Series and EX4600 Series: Control traffic might be dropped if a high rate of specific multicast traffic is received | EPSS 0.4%
CVE-2021-31362 | MEDIUM | Junos OS and Junos OS Evolved: An IS-IS adjacency might be taken down if a bad hello PDU is received for an existing adjacency causing a DoS | EPSS 0.4%
CVE-2020-1678 | MEDIUM | Junos OS and Junos OS Evolved: RPD can crash due to a slow memory leak. | EPSS 0.4%
CVE-2020-1664 | HIGH | Junos OS: Buffer overflow vulnerability in device control daemon | EPSS 0.4%
CVE-2022-22218 | HIGH | Junos OS: SRX Series: Upon processing of a genuine packet the pkid process will crash during CMPv2 auto-re-enrollment | EPSS 0.4%
CVE-2021-31366 | MEDIUM | Junos OS: MX Series: In subscriber management / BBE configuration authd can crash if a subscriber with a specific username tries to login leading to a DoS | EPSS 0.4%
CVE-2021-0271 | MEDIUM | Junos OS: EX2200-C Series, EX3200 Series, EX3300 Series, EX4200 Series, EX4500 Series, EX4550 Series, EX6210 Series, EX8208 Series, EX8216 Series: Receipt of a crafted ARP packet by an adjacent attacker will cause the sfid process to core. | EPSS 0.4%
CVE-2021-0262 | MEDIUM | Junos OS: QFX10002-60C: Use after free vulnerability found during static code analysis | EPSS 0.4%
CVE-2021-0242 | MEDIUM | Junos OS: EX4300: FPC crash upon receipt of specific frames on an interface without L2PT or dot1x configured | EPSS 0.4%
CVE-2021-0216 | MEDIUM | Junos OS: ACX5448, ACX710: BFD sessions might flap due to high rate of transit ARP packets | EPSS 0.4%