Vulnerabilities in Juniper Networks

893 results
Vexday analysis

Com 893 CVEs catalogadas e 7 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração de dispositivos Juniper Networks está 1,7× acima da média geral do catálogo, o que indica risco operacional elevado para organizações que dependem dessas soluções. A CVE mais crítica em exploração ativa no momento é CVE-2023-36846, com escore EPSS de 0,9421 — valor que sinaliza altíssima probabilidade de exploração em curto prazo e deve concentrar esforços imediatos de remediação. O tipo de falha mais recorrente, CWE-754 (verificação inadequada de condições excepcionais), aponta para uma fragilidade estrutural de tratamento de erros que tende a se manifestar em múltiplos componentes. Com 38 CVEs de severidade crítica, 4 com prova de conceito pública disponível e 27 vulnerabilidades surgidas nos últimos 90 dias, o ritmo de exposição recente exige monitoramento contínuo e priorização ativa de patches.

CVE-2025-59996MEDIUMJunos Space: Configuration View page is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59997MEDIUMJunos Space: Fields in the CLI Configlets are vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59984MEDIUMJunos Space: Global Search is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59991MEDIUMJunos Space: Device Management pages are vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59985MEDIUMJunos Space: Purging Policy field is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59998MEDIUMJunos Space: Archive Logs screen is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-60001MEDIUMJunos Space: Create Quick Template page is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59993MEDIUMJunos Space: Space Node Setting fields are vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59995MEDIUMJunos Space: Template creation through Definition is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59994MEDIUMJunos Space: Quick Template page is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59988MEDIUMJunos Space: Generate Report page is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59992MEDIUMJunos Space: Secure Console page is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-59987MEDIUMJunos Space: The arbitrary device search field is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-60002MEDIUMJunos Space: Template Definitions page is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-60009MEDIUMJunos Space: CLI Configlet page is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2025-60000MEDIUMJunos Space: Generate Report page is vulnerable to reflected cross-site script injectionEPSS 0.2%CVE-2026-33773MEDIUMJunos OS: EX Series, QFX Series: If the same egress filter is configured on both an IRB and a physical interface one of those is not appliedEPSS 0.2%CVE-2021-31360HIGHJunos OS and Junos OS Evolved: Denial of Service vulnerability in local file processingEPSS 0.2%CVE-2024-47496MEDIUMJunos OS: MX Series: The PFE will crash on running specific commandEPSS 0.2%CVE-2024-39544MEDIUMJunos OS Evolved: Low privileged local user able to view NETCONF traceoptions filesEPSS 0.2%