Vulnerabilities in Juniper Networks

893 results
Vexday Analysis

With 893 CVEs catalogued and 7 confirmed as actively exploited by the CISA KEV, the exploitation rate of Juniper Networks devices is 1.7× above the overall catalogue average, which indicates elevated operational risk for organizations that depend on these solutions. The most critical CVE under active exploitation at the moment is CVE-2023-36846, with an EPSS score of 0.9421, a value that signals a very high probability of exploitation in the short term and should be the focus of immediate remediation efforts. The most recurrent flaw type, CWE-754 (improper check for exceptional conditions), points to a structural weakness in error handling that tends to manifest across multiple components. With 38 CVEs of critical severity, 4 with a publicly available proof of concept and 27 vulnerabilities that emerged in the last 90 days, the pace of recent exposure demands continuous monitoring and active patch prioritization.

CVE-2025-59999 | MEDIUM | Junos Space: API Access Profiles page is vulnerable to reflected cross-site script injection | EPSS 0.2%
CVE-2020-1630 | MEDIUM | Junos OS: Privilege escalation vulnerability in dual REs, VC or HA cluster may allow unauthorized configuration change. | EPSS 0.2%
CVE-2025-52958 | MEDIUM | Junos OS and Junos OS Evolved: When route validation is enabled, BGP connection establishment failure causes RPD crash | EPSS 0.2%
CVE-2026-21904 | MEDIUM | Junos Space: ilpFilter field on nLegacy.jsp is vulnerable to reflected cross-site script injection | EPSS 0.2%
CVE-2025-21595 | HIGH | Junos OS and Junos OS Evolved: In an EVPN-VXLAN scenario specific ARP or NDP packets cause FPC to crash | EPSS 0.2%
CVE-2023-28984 | MEDIUM | Junos OS: QFX Series: The PFE may crash when a lot of MAC addresses are being learned and aged | EPSS 0.2%
CVE-2024-30387 | HIGH | Junos OS: ACX5448 & ACX710: Due to interface flaps the PFE process can crash | EPSS 0.2%
CVE-2024-47495 | HIGH | Junos OS Evolved: In a dual-RE scenario a locally authenticated attacker with shell privileges can take over the device. | EPSS 0.2%
CVE-2025-6549 | MEDIUM | Junos OS: SRX Series: J-Web can be exposed on additional interfaces | EPSS 0.2%
CVE-2022-22221 | HIGH | Junos OS: SRX and EX Series: Local privilege escalation flaw in "download" functionality | EPSS 0.2%
CVE-2021-0256 | MEDIUM | Junos OS: mosquitto Local Privilege Escalation vulnerability in SUID binaries | EPSS 0.2%
CVE-2024-47501 | MEDIUM | Junos OS: MX304, MX with MPC10/11/LC9600, and EX9200 with EX9200-15C: In a VPLS or Junos Fusion scenario specific show commands cause FPCs to crash | EPSS 0.2%
CVE-2021-0255 | MEDIUM | Junos OS: ethtraceroute Local Privilege Escalation vulnerability in SUID binaries | EPSS 0.2%
CVE-2025-59984 | MEDIUM | Junos Space: Global Search is vulnerable to reflected cross-site script injection | EPSS 0.2%
CVE-2025-59997 | MEDIUM | Junos Space: Fields in the CLI Configlets are vulnerable to reflected cross-site script injection | EPSS 0.2%
CVE-2025-59998 | MEDIUM | Junos Space: Archive Logs screen is vulnerable to reflected cross-site script injection | EPSS 0.2%
CVE-2025-60001 | MEDIUM | Junos Space: Create Quick Template page is vulnerable to reflected cross-site script injection | EPSS 0.2%
CVE-2025-59995 | MEDIUM | Junos Space: Template creation through Definition is vulnerable to reflected cross-site script injection | EPSS 0.2%
CVE-2025-21597 | MEDIUM | Junos OS and Junos OS Evolved: When BGP rib-sharding and update-threading are configured and a peer flaps, an rpd core is observed | EPSS 0.2%
CVE-2025-59990 | MEDIUM | Junos Space: Template creation pages are vulnerable to reflected cross-site script injection | EPSS 0.2%