Vulnerabilities in Juniper Networks

893 results
Vexday Analysis

With 893 CVEs catalogued and 7 confirmed as actively exploited by the CISA KEV, the exploitation rate for Juniper Networks devices is 1.7× above the overall catalogue average, which indicates elevated operational risk for organizations that depend on these products. The most critical CVE under active exploitation at the moment is CVE-2023-36846, with an EPSS score of 0.9421, a value that signals a very high probability of exploitation in the short term and should be the focus of immediate remediation efforts. The most recurrent weakness type, CWE-754 (improper check for exceptional conditions), points to a structural fragility in error handling that tends to surface across multiple components. With 38 CVEs of critical severity, 4 with a publicly available proof of concept, and 27 vulnerabilities that appeared in the last 90 days, the recent pace of exposure demands continuous monitoring and active patch prioritization.

CVE-2021-0219 | MEDIUM | Junos OS: Command injection vulnerability in 'request system software' CLI command | EPSS 0.7%
CVE-2022-22164 | MEDIUM | Junos OS Evolved: Telnet service may be enabled when it is expected to be disabled. | EPSS 0.7%
CVE-2025-21598 | HIGH | Junos OS and Junos OS Evolved: When BGP traceoptions are configured, receipt of malformed BGP packets causes RPD to crash | EPSS 0.7%
CVE-2022-22205 | HIGH | Junos OS: SRX Series: An FPC memory leak can occur in an APBR scenario | EPSS 0.7%
CVE-2022-22212 | HIGH | Junos OS Evolved: A high rate of specific hostbound traffic will cause unexpected hostbound traffic delays or drops | EPSS 0.7%
CVE-2022-22192 | HIGH | Junos OS Evolved: PTX Series: An attacker can cause a kernel panic by sending a malformed TCP packet to the device | EPSS 0.7%
CVE-2024-21614 | HIGH | Junos OS and Junos OS Evolved: A specific query via DREND causes rpd crash | EPSS 0.7%
CVE-2024-30392 | HIGH | Junos OS: MX Series with SPC3 and MS-MPC/-MIC: When URL filtering is enabled and a specific URL request is received a flowd crash occurs | EPSS 0.7%
CVE-2026-33791 | HIGH | Junos OS and Junos OS Evolved: Execution of crafted CLI commands allows for arbitrary shell injection as root | EPSS 0.7%
CVE-2021-31386 | MEDIUM | Junos OS: When using J-Web with HTTP an attacker may retrieve encryption keys via Person-in-the-Middle attacks. | EPSS 0.7%
CVE-2022-22175 | HIGH | Junos OS: MX Series and SRX Series: The flowd daemon will crash if the SIP ALG is enabled and specific SIP messages are processed | EPSS 0.7%
CVE-2022-22182 | HIGH | Junos OS: A XSS vulnerability allows an attacker to execute commands on a target J-Web session | EPSS 0.7%
CVE-2020-1667 | HIGH | Junos OS: MX Series: Services card might restart due to a race condition when DNS filtering is enabled. | EPSS 0.7%
CVE-2022-22229 | HIGH | Paragon Active Assurance (Formerly Netrounds): Stored Cross-site Scripting (XSS) vulnerability in web administration | EPSS 0.7%
CVE-2022-22207 | HIGH | Junos OS: MX Series with MPC11: In a GNF / node slicing scenario gathering AF interface statistics can lead to a kernel crash | EPSS 0.7%
CVE-2022-22167 | HIGH | Junos OS: SRX Series: If no-syn-check is enabled, traffic classified as UNKNOWN gets permitted by pre-id-default-policy | EPSS 0.7%
CVE-2018-0006 | MEDIUM | Junos OS: bbe-smgd process denial of service while processing VLAN authentication requests/rejects | EPSS 0.7%
CVE-2020-1629 | MEDIUM | Junos OS: A race condition vulnerability may cause RPD daemon to crash when processing a BGP NOTIFICATION message. | EPSS 0.7%
CVE-2022-22184 | HIGH | Junos OS and Junos OS Evolved: A BGP session will flap upon receipt of a specific, optional transitive attribute in version 22.3R1 | EPSS 0.7%
CVE-2019-0046 | MEDIUM | Junos OS: EX4300 Series: Denial of Service upon receipt of large number of specific valid packets on management interface. | EPSS 0.7%