Vulnerabilities in Juniper Networks

893 results
Vexday Analysis

With 893 CVEs catalogued and 7 confirmed as actively exploited in the CISA KEV, the exploitation rate for Juniper Networks devices is 1.7× above the overall catalogue average, which indicates elevated operational risk for organizations that depend on these solutions. The most critical CVE under active exploitation at the moment is CVE-2023-36846, with an EPSS score of 0.9421, a value that signals a very high probability of exploitation in the short term and should be the focus of immediate remediation efforts. The most recurrent weakness type, CWE-754 (improper check for exceptional conditions), points to a structural weakness in error handling that tends to show up across multiple components. With 38 critical-severity CVEs, 4 with a public proof of concept available and 27 vulnerabilities that emerged in the last 90 days, the recent pace of exposure calls for continuous monitoring and active patch prioritization.

CVE | Severity | Title | EPSS
CVE-2023-36850 | MEDIUM | Junos OS: MX Series: An MPC will crash upon receipt of a malformed CFM packet. | 0.3%
CVE-2023-36849 | MEDIUM | Junos OS and Junos OS Evolved: The l2cpd will crash when a malformed LLDP packet is received | 0.3%
CVE-2023-36839 | MEDIUM | Junos OS and Junos OS Evolved: An l2cpd crash will occur when specific LLDP packets are received | 0.3%
CVE-2022-22187 | HIGH | JIMS: Local Privilege Escalation vulnerability via repair functionality | 0.3%
CVE-2023-44203 | MEDIUM | Junos OS: QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600: Packet flooding will occur when IGMP traffic is sent to an isolated VLAN | 0.3%
CVE-2023-44204 | MEDIUM | Junos OS and Junos OS Evolved: The rpd will crash upon receiving a malformed BGP UPDATE message | 0.3%
CVE-2024-30386 | HIGH | Junos OS and Junos OS Evolved: In a EVPN-VXLAN scenario state changes on adjacent systems can cause an l2ald process crash | 0.3%
CVE-2021-0289 | MEDIUM | Junos OS: User-defined ARP Policer isn't applied on Aggregated Ethernet (AE) interface until firewall process is restarted | 0.3%
CVE-2025-59976 | HIGH | Junos Space: Arbitrary file download vulnerability in web interface | 0.3%
CVE-2025-52964 | HIGH | Junos OS and Junos OS Evolved: Receipt of a specific BGP UPDATE causes an rpd crash on devices with BGP multipath configured | 0.3%
CVE-2025-52947 | HIGH | Junos OS: ACX Series: When 'hot-standby' mode is configured for an L2 circuit, interface flap causes the FEB to crash | 0.3%
CVE-2025-30644 | HIGH | Junos OS: EX2300, EX3400, EX4000 Series, QFX5k Series: Receipt of a specific DHCP packet causes FPC crash when DHCP Option 82 is enabled | 0.3%
CVE-2024-39558 | HIGH | Junos OS and Junos OS Evolved: Receipt of specific PIM packet causes rpd crash when PIM is configured along with MoFRR | 0.3%
CVE-2025-52949 | HIGH | Junos OS and Junos OS Evolved: In an EVPN environment, receipt of specifically malformed BGP update causes RPD crash | 0.3%
CVE-2025-11198 | HIGH | Security Director Policy Enforcer: An unrestricted API allows a network-based unauthenticated attacker to deploy malicious vSRX images to VMWare NSX Server | 0.3%
CVE-2025-59958 | MEDIUM | Junos OS Evolved: PTX Series: When a firewall filter rejects traffic these packets are erroneously sent to the RE | 0.3%
CVE-2025-59981 | MEDIUM | Junos Space: Device Template Definition page is vulnerable to reflected cross-site script injection | 0.3%
CVE-2025-59982 | MEDIUM | Junos Space: Dashboard Search field is vulnerable to reflected cross-site script injection | 0.3%
CVE-2020-1669 | MEDIUM | Junos OS: NFX350: Password hashes stored in world-readable format | 0.3%
CVE-2024-39521 | HIGH | Junos OS Evolved: CLI parameter processing issue allows privilege escalation | 0.3%