Vulnerabilities in Juniper Networks

893 results
Vexday Analysis

With 893 CVEs catalogued and 7 confirmed as actively exploited by the CISA KEV, the exploitation rate for Juniper Networks devices is 1.7× above the overall catalogue average, which indicates elevated operational risk for organizations that depend on these solutions. The most critical CVE currently under active exploitation is CVE-2023-36846, with an EPSS score of 0.9421, a value that signals a very high probability of exploitation in the short term and should be the focus of immediate remediation efforts. The most frequent flaw type, CWE-754 (improper check for exceptional conditions), points to a structural weakness in error handling that tends to show up across multiple components. With 38 CVEs of critical severity, 4 with a public proof of concept available and 27 vulnerabilities that appeared in the last 90 days, the recent pace of exposure calls for continuous monitoring and active patch prioritization.

CVE-2020-1602 | HIGH | Junos OS and Junos OS Evolved: A vulnerability in JDHCPD allows an attacker to send crafted IPv4 packets may take over the code execution of the JDHCPD process. | EPSS 0.8%
CVE-2021-31373 | HIGH | Junos OS: SRX Series: Persistent XSS vulnerability in J-Web | EPSS 0.8%
CVE-2023-22410 | HIGH | Junos OS: MX Series with MPC10/MPC11: When Suspicious Control Flow Detection (scfd) is enabled and an attacker is sending specific traffic, this causes a memory leak. | EPSS 0.8%
CVE-2021-31355 | HIGH | Junos OS: Stored Cross-Site Scripting (XSS) vulnerability in captive portal | EPSS 0.8%
CVE-2023-22415 | HIGH | Junos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash when specific H.323 packets are received | EPSS 0.8%
CVE-2020-1660 | HIGH | Junos OS: MX Series: Receipt of specific packets can cause services card to restart when DNS filtering is configured. | EPSS 0.8%
CVE-2022-22152 | HIGH | Contrail Service Orchestration: Tenants able to see other tenants policies via REST API interface | EPSS 0.8%
CVE-2020-1625 | MEDIUM | Junos OS: Kernel memory leak in virtual-memory due to interface flaps | EPSS 0.8%
CVE-2021-31375 | HIGH | Junos OS: Receipt of a specific BGP update may cause RPKI policy-checks to be bypassed | EPSS 0.8%
CVE-2022-22223 | MEDIUM | Junos OS: QFX10000 Series: In IP/MPLS PHP node scenarios upon receipt of certain crafted packets multiple interfaces in LAG configurations may detach. | EPSS 0.8%
CVE-2020-1685 | MEDIUM | Junos OS: EX4600, QFX5K Series: Stateless firewall filter matching 'user-vlan-id' will cause incomplete discard action | EPSS 0.8%
CVE-2020-1652 | MEDIUM | Junos Space: OpenNMS is accessible via port 9443 | EPSS 0.7%
CVE-2019-0038 | MEDIUM | SRX Series: Crafted packets destined to fxp0 management interface on SRX340/SRX345 devices can lead to DoS | EPSS 0.7%
CVE-2021-0217 | HIGH | Junos OS: EX Series and QFX Series: Memory leak issue processing specific DHCP packets | EPSS 0.7%
CVE-2021-0270 | HIGH | Junos OS: PTX Series, QFX10K Series: A PTX/QFX FPC may restart unexpectedly with the "inline-Jflow" feature enabled on a large-scale deployment | EPSS 0.7%
CVE-2018-0005 | HIGH | Security Bulletin: Junos OS: MAC move limit configured to drop traffic may forward traffic. | EPSS 0.7%
CVE-2022-22206 | HIGH | Junos OS: SRX series: The PFE will crash when specific traffic is scanned by Enhanced Web Filtering safe-search | EPSS 0.7%
CVE-2024-30382 | HIGH | Junos OS and Junos OS Evolved: RPD crash when CoS-based forwarding (CBF) policy is configured | EPSS 0.7%
CVE-2021-0297 | MEDIUM | Junos OS Evolved: BGP and LDP sessions with TCP MD5 authentication established with peers not configured for authentication | EPSS 0.7%
CVE-2021-0225 | MEDIUM | Junos OS Evolved: Stateless IP firewall filter does not work as expected | EPSS 0.7%