Vulnerabilities in Juniper Networks

893 results
Vexday Analysis

With 893 CVEs catalogued and 7 confirmed as actively exploited by the CISA KEV, the exploitation rate for Juniper Networks devices is 1.7× above the overall catalogue average, which indicates elevated operational risk for organizations that depend on these solutions. The most critical CVE under active exploitation at the moment is CVE-2023-36846, with an EPSS score of 0.9421, a value that signals a very high probability of exploitation in the short term and should be the focus of immediate remediation efforts. The most recurrent weakness type, CWE-754 (improper check for exceptional conditions), points to a structural fragility in error handling that tends to show up in multiple components. With 38 critical-severity CVEs, 4 with a public proof of concept available, and 27 vulnerabilities that emerged in the last 90 days, the recent pace of exposure demands continuous monitoring and active prioritization of patches.

CVE-2023-44199 | HIGH | Junos OS: MX Series: In a PTP scenario a prolonged routing protocol churn can trigger an FPC reboot | EPSS 0.5%
CVE-2023-36832 | HIGH | Junos OS: MX Series: PFE crash upon receipt of specific packet destined to an AMS interface | EPSS 0.5%
CVE-2023-36835 | HIGH | Junos OS: QFX10000 Series: All traffic will be dropped after a specific valid IP packet has been received which needs to be routed over a VXLAN tunnel | EPSS 0.5%
CVE-2019-0030 | MEDIUM | Juniper ATP: Password hashing uses DES and a hardcoded salt | EPSS 0.5%
CVE-2021-0252 | HIGH | Junos OS: NFX Series: Local Code Execution Vulnerability in JDMD Leads to Privilege Escalation | EPSS 0.5%
CVE-2024-21604 | HIGH | Junos OS Evolved: A high rate of specific traffic will cause a complete system outage | EPSS 0.5%
CVE-2024-21612 | HIGH | Junos OS Evolved: Specific TCP traffic causes OFP core and restart of RE | EPSS 0.5%
CVE-2024-21616 | HIGH | Junos OS: MX Series and SRX Series: Processing of a specific SIP packet causes NAT IP allocation to fail | EPSS 0.5%
CVE-2023-44181 | HIGH | Junos OS: QFX5k: l2 loop in the overlay impacts the stability in a EVPN/VXLAN environment | EPSS 0.5%
CVE-2024-21602 | HIGH | Junos OS Evolved: ACX7024, ACX7100-32C and ACX7100-48L: Traffic stops when a specific IPv4 UDP packet is received by the RE | EPSS 0.5%
CVE-2023-36831 | HIGH | Junos OS: SRX Series: jbuf memory leak when SSL Proxy and UTM Web-Filtering is applied | EPSS 0.5%
CVE-2019-0067 | MEDIUM | Junos OS: Kernel crash (vmcore) upon receipt of a specific link-local IPv6 packet on devices configured with Multi-Chassis Link Aggregation Group (MC-LAG) | EPSS 0.5%
CVE-2023-28985 | HIGH | SRX Series and MX Series: An FPC core is observed when IDP is enabled on the device and a specific malformed SSL packet is received | EPSS 0.5%
CVE-2024-30402 | HIGH | Junos OS and Junos OS Evolved: The l2ald crashes on receiving telemetry messages from a specific subscription | EPSS 0.5%
CVE-2023-22402 | MEDIUM | Junos OS Evolved: The kernel might restart in a BGP scenario where "bgp auto-discovery" is enabled and such a neighbor flaps | EPSS 0.5%
CVE-2019-0018 | MEDIUM | Juniper ATP: Persistent Cross-Site Scripting (XSS) vulnerability in file upload menu | EPSS 0.5%
CVE-2019-0023 | MEDIUM | Juniper ATP: Persistent Cross-Site Scripting vulnerability in the Golden VM menu | EPSS 0.5%
CVE-2020-1670 | MEDIUM | Junos OS: EX4300 Series: High CPU load due to receipt of specific IPv4 packets | EPSS 0.5%
CVE-2022-22202 | MEDIUM | Junos OS: PTX Series: FPCs may restart unexpectedly upon receipt of specific MPLS packets with certain multi-unit interface configurations | EPSS 0.5%
CVE-2023-36841 | HIGH | Junos OS: MX Series: Receipt of malformed TCP traffic will cause a Denial of Service | EPSS 0.5%