Vulnerabilidades en Juniper Networks

893 resultados

Análisis Vexday

Com 893 CVEs catalogadas e 7 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração de dispositivos Juniper Networks está 1,7× acima da média geral do catálogo, o que indica risco operacional elevado para organizações que dependem dessas soluções. A CVE mais crítica em exploração ativa no momento é CVE-2023-36846, com escore EPSS de 0,9421 — valor que sinaliza altíssima probabilidade de exploração em curto prazo e deve concentrar esforços imediatos de remediação. O tipo de falha mais recorrente, CWE-754 (verificação inadequada de condições excepcionais), aponta para uma fragilidade estrutural de tratamento de erros que tende a se manifestar em múltiplos componentes. Com 38 CVEs de severidade crítica, 4 com prova de conceito pública disponível e 27 vulnerabilidades surgidas nos últimos 90 dias, o ritmo de exposição recente exige monitoramento contínuo e priorização ativa de patches.

CVE-2026-21918HIGHJunos OS: SRX and MX Series: When TCP packets occur in a specific sequence flowd crashesEPSS 0.4%CVE-2021-0287MEDIUMJunos OS and Junos OS Evolved: RPD could crash in SR-ISIS/MPLS environment due to a flap of an ISIS link in the networkEPSS 0.4%CVE-2025-52950MEDIUMJuniper Security Director: Insufficient authorization for multiple endpoints in web interfaceEPSS 0.4%CVE-2022-22179MEDIUMJunos OS: jdhcpd crashes upon receiving a specific DHCP packetEPSS 0.4%CVE-2022-22196MEDIUMJunos OS and Junos OS Evolved: The rpd CPU spikes to 100% after a malformed ISIS TLV has been receivedEPSS 0.4%CVE-2022-22172MEDIUMJunos OS and Junos OS Evolved: An l2cpd memory leak can occur when specific LLDP packets are received leading to a DoSEPSS 0.4%CVE-2022-22166MEDIUMJunos OS: An rpd core will occur if BGP update tracing is configured and an update containing a malformed BGP SR-TE policy tunnel attribute is receivedEPSS 0.4%CVE-2022-22176HIGHJunos OS: In a scenario with dhcp-security and option-82 configured jdhcpd crashes upon receipt of a malformed DHCP packetEPSS 0.4%CVE-2022-22163HIGHJunos OS: jdhcpd crashes upon receipt of a specific DHCPv6 packetEPSS 0.4%CVE-2025-60003HIGHJunos OS and Junos OS Evolved: BGP update with a set of specific attributes causes rpd crashEPSS 0.4%CVE-2026-21905HIGHJunos OS: SRX Series, MX Series with MX-SPC3 or MS-MPC: Receipt of multiple specific SIP messages results in flow management process crashEPSS 0.4%CVE-2024-39554HIGHJunos OS and Junos OS Evolved: BGP multipath incremental calculation is resulting in an rpd crashEPSS 0.4%CVE-2024-21590HIGHJunos OS Evolved: Packets which are not destined to the device can reach the REEPSS 0.4%CVE-2017-10624HIGHJunos Space: Insufficient verification of node certificates.EPSS 0.4%CVE-2024-30410MEDIUMJunos OS: EX4300 Series: Loopback filter not blocking traffic despite having discard term.EPSS 0.4%CVE-2024-30389MEDIUMJunos OS: EX4300 Series: Firewall filter not blocking egress trafficEPSS 0.4%CVE-2017-2329—An insufficient authentication vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may EPSS 0.4%CVE-2023-28972MEDIUMJunos OS: NFX Series: 'set system ports console insecure' allows root password recoveryEPSS 0.4%CVE-2022-22160MEDIUMJunos OS: MX Series: The bbe-smgd process crashes if an unsupported configuration exists and a PPPoE client sends a specific messageEPSS 0.4%CVE-2017-2341HIGHJunos OS: VM to host privilege escalation in platforms with Junos OS running in a virtualized environment.EPSS 0.4%

← anteriorpágina 30 / 45siguiente →