Vulnerabilidades en Juniper Networks

893 resultados

Análisis Vexday

Com 893 CVEs catalogadas e 7 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração de dispositivos Juniper Networks está 1,7× acima da média geral do catálogo, o que indica risco operacional elevado para organizações que dependem dessas soluções. A CVE mais crítica em exploração ativa no momento é CVE-2023-36846, com escore EPSS de 0,9421 — valor que sinaliza altíssima probabilidade de exploração em curto prazo e deve concentrar esforços imediatos de remediação. O tipo de falha mais recorrente, CWE-754 (verificação inadequada de condições excepcionais), aponta para uma fragilidade estrutural de tratamento de erros que tende a se manifestar em múltiplos componentes. Com 38 CVEs de severidade crítica, 4 com prova de conceito pública disponível e 27 vulnerabilidades surgidas nos últimos 90 dias, o ritmo de exposição recente exige monitoramento contínuo e priorização ativa de patches.

CVE-2025-59991MEDIUMJunos Space: Device Management pages are vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59994MEDIUMJunos Space: Quick Template page is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59985MEDIUMJunos Space: Purging Policy field is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59986MEDIUMJunos Space: Input fields in Model Devices are vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-60002MEDIUMJunos Space: Template Definitions page is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-60009MEDIUMJunos Space: CLI Configlet page is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-60000MEDIUMJunos Space: Generate Report page is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59993MEDIUMJunos Space: Space Node Setting fields are vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59996MEDIUMJunos Space: Configuration View page is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59987MEDIUMJunos Space: The arbitrary device search field is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59988MEDIUMJunos Space: Generate Report page is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59992MEDIUMJunos Space: Secure Console page is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-30647HIGHJunos OS: MX Series: Subscriber login/logout activity will lead to a memory leakEPSS 0.2%CVE-2026-33773MEDIUMJunos OS: EX Series, QFX Series: If the same egress filter is configured on both an IRB and a physical interface one of those is not appliedEPSS 0.2%CVE-2021-31360HIGHJunos OS and Junos OS Evolved: Denial of Service vulnerability in local file processingEPSS 0.2%CVE-2025-30653MEDIUMJunos OS and Junos OS Evolved: LSP flap in a specific MPLS scenario leads to rpd crashEPSS 0.2%CVE-2025-30646HIGHJunos OS and Junos OS Evolved: Receipt of a malformed LLDP TLV results in l2cpd crashEPSS 0.2%CVE-2024-47496MEDIUMJunos OS: MX Series: The PFE will crash on running specific commandEPSS 0.2%CVE-2024-39544MEDIUMJunos OS Evolved: Low privileged local user able to view NETCONF traceoptions filesEPSS 0.2%CVE-2026-33775HIGHJunos OS: MX Series: Mismatch between configured and received packet types causes memory leak in bbe-smgdEPSS 0.2%

← anteriorpágina 41 / 45siguiente →