Vulnerabilities in Juniper Networks

893 results
Vexday Analysis

With 893 CVEs catalogued and 7 confirmed as actively exploited in the CISA KEV, the exploitation rate for Juniper Networks devices is 1.7× above the overall catalogue average, which indicates elevated operational risk for organizations that depend on these products. The most critical CVE currently under active exploitation is CVE-2023-36846, with an EPSS score of 0.9421, a value that signals a very high probability of exploitation in the short term and should be the focus of immediate remediation efforts. The most recurrent flaw type, CWE-754 (improper check for exceptional conditions), points to a structural weakness in error handling that tends to show up across multiple components. With 38 critical-severity CVEs, 4 with a public proof of concept available and 27 vulnerabilities that emerged in the last 90 days, the recent pace of exposure demands continuous monitoring and active patch prioritization.

CVE-2024-39523 | HIGH | Junos OS Evolved: CLI parameter processing issue allows privilege escalation | EPSS 0.3%
CVE-2024-39520 | HIGH | Junos OS Evolved: CLI parameter processing issue allows privilege escalation | EPSS 0.3%
CVE-2024-39524 | HIGH | Junos OS Evolved: CLI parameter processing issue allows privilege escalation | EPSS 0.3%
CVE-2024-39522 | HIGH | Junos OS Evolved: CLI parameter processing issue allows privilege escalation | EPSS 0.3%
CVE-2025-59983 | MEDIUM | Junos Space: Template Definition page is vulnerable to reflected cross-site script injection | EPSS 0.3%
CVE-2021-0293 | MEDIUM | Junos OS: Out-of-memory condition and crashes can occur after executing a certain CLI command repeatedly | EPSS 0.2%
CVE-2026-21910 | HIGH | Junos OS: EX4k Series, QFX5k Series: In an EVPN-VXLAN configuration link flaps cause Inter-VNI traffic drop | EPSS 0.2%
CVE-2026-0203 | HIGH | Junos OS: Receipt of a specifically malformed ICMP packet causes an FPC restart | EPSS 0.2%
CVE-2024-39557 | HIGH | Junos OS Evolved: MAC table changes cause a memory leak | EPSS 0.2%
CVE-2024-39514 | HIGH | Junos OS and Junos OS Evolved: Receiving specific traffic on devices with EVPN-VPWS with IGMP-snooping enabled will cause the rpd to crash | EPSS 0.2%
CVE-2024-39517 | HIGH | Junos OS and Junos OS Evolved: Upon processing specific L2 traffic, rpd can hang in devices with EVPN/VXLAN configured | EPSS 0.2%
CVE-2024-39519 | HIGH | Junos OS Evolved: ACX 7000 Series: Multicast traffic is looped in a multihoming EVPN MPLS scenario | EPSS 0.2%
CVE-2024-39560 | HIGH | Junos OS and Junos OS Evolved: Memory leak due to RSVP neighbor persistent error leading to kernel crash | EPSS 0.2%
CVE-2022-22154 | MEDIUM | Junos Fusion: A Satellite Device can be controlled by rewiring it to a foreign AD causing a DoS | EPSS 0.2%
CVE-2026-33771 | CRITICAL | CTP OS: Configuring password requirements does not work which permits the use of weak passwords | EPSS 0.2%
CVE-2022-22162 | HIGH | Junos OS: A low privileged user can elevate their privileges to the ones of the highest privileged j-web user logged in | EPSS 0.2%
CVE-2025-52987 | MEDIUM | Paragon Automation: A clickjacking vulnerability in the web server configuration has been addressed | EPSS 0.2%
CVE-2021-0245 | HIGH | Junos OS: Junos Fusion: Hard-coded credentials on satellite devices allows a locally authenticated attacker to elevate their privileges. | EPSS 0.2%
CVE-2023-44196 | MEDIUM | Junos OS Evolved: PTX10003 Series: Packets which are not destined to the router can reach the RE | EPSS 0.2%
CVE-2026-33783 | HIGH | Junos OS Evolved: PTX Series: If SRTE tunnels provisioned via PCEP are present and specific gRPC queries are received evo-aftmand crashes | EPSS 0.2%