Juniper Networks Vulnerabilities

893 results
Vexday Analysis

With 893 CVEs catalogued and 7 confirmed as actively exploited in the CISA KEV, the exploitation rate of Juniper Networks devices is 1.7× above the overall catalogue average, which indicates elevated operational risk for organizations that depend on these solutions. The most critical CVE under active exploitation at the moment is CVE-2023-36846, with an EPSS score of 0.9421, a value that signals a very high probability of exploitation in the short term and should be the focus of immediate remediation efforts. The most recurrent flaw type, CWE-754 (improper check for exceptional conditions), points to a structural weakness in error handling that tends to manifest across multiple components. With 38 critical-severity CVEs, 4 with a publicly available proof of concept and 27 vulnerabilities that emerged in the last 90 days, the recent pace of exposure demands continuous monitoring and active patch prioritization.

CVE-2021-0244 | HIGH | Junos OS: A race condition in the storm control profile may allow an attacker to cause a Denial of Service condition | EPSS 0.6%
CVE-2018-0063 | MEDIUM | Junos OS: Nexthop index allocation failed: private index space exhausted after incoming ARP requests to management interface | EPSS 0.6%
CVE-2023-22399 | HIGH | Junos OS: QFX10K Series: PFE crash upon receipt of specific genuine packets when sFlow is enabled | EPSS 0.6%
CVE-2018-0021 | HIGH | Junos OS: Short MacSec keys may allow man-in-the-middle attacks. | EPSS 0.6%
CVE-2019-0024 | MEDIUM | Juniper ATP: Persistent Cross-Site Scripting vulnerability in the Email Collectors menu | EPSS 0.6%
CVE-2024-47489 | MEDIUM | Junos OS Evolved: ACX Series: Receipt of specific transit protocol packets is incorrectly processed by the RE | EPSS 0.6%
CVE-2021-31357 | HIGH | Junos OS Evolved: shell-injection vulnerabilities in evo_tcpdump UI wrapper script | EPSS 0.6%
CVE-2024-30405 | HIGH | Junos OS: SRX 5000 Series with SPC2: Processing of specific crafted packets when ALG is enabled causes a transit traffic Denial of Service | EPSS 0.6%
CVE-2023-22404 | MEDIUM | Junos OS: SRX Series and MX Series with SPC3: When IPsec VPN is configured iked will core when a specifically formatted payload is received | EPSS 0.6%
CVE-2019-0026 | MEDIUM | Juniper ATP: Persistent Cross-Site Scripting vulnerability in Zone configuration | EPSS 0.6%
CVE-2020-1645 | HIGH | Junos OS: MX Series: Services card might restart when DNS filtering is enabled | EPSS 0.6%
CVE-2023-22408 | HIGH | Junos OS: SRX 5000 Series: Upon processing of a specific SIP packet an FPC can crash | EPSS 0.6%
CVE-2024-21585 | MEDIUM | Junos OS and Junos OS Evolved: BGP session flaps on NSR-enabled devices can cause rpd crash | EPSS 0.6%
CVE-2019-0025 | MEDIUM | Juniper ATP: Persistent Cross-Site Scripting vulnerability in RADIUS configuration menu | EPSS 0.6%
CVE-2019-0027 | MEDIUM | Juniper ATP: Persistent Cross-Site Scripting vulnerability in Snort Rules configuration | EPSS 0.6%
CVE-2021-31358 | HIGH | Junos OS Evolved: shell-injection vulnerabilities in evo_sftp UI wrapper script | EPSS 0.6%
CVE-2021-0279 | HIGH | Contrail Cloud: Hardcoded credentials for RabbitMQ service | EPSS 0.6%
CVE-2022-22245 | MEDIUM | Junos OS: Path traversal vulnerability in J-Web | EPSS 0.6%
CVE-2024-47499 | HIGH | Junos OS and Junos OS Evolved: In a BMP scenario receipt of a malformed AS PATH attribute can cause an RPD crash | EPSS 0.6%
CVE-2024-47502 | HIGH | Junos OS Evolved: TCP session state is not always cleared on the Routing Engine leading to DoS | EPSS 0.6%