Vulnerabilities in Juniper Networks

893 results
Vexday Analysis

With 893 CVEs catalogued and 7 confirmed as actively exploited in the CISA KEV, the exploitation rate for Juniper Networks devices is 1.7× above the overall catalogue average, which indicates elevated operational risk for organizations that depend on these solutions. The most critical CVE under active exploitation at the moment is CVE-2023-36846, with an EPSS score of 0.9421, a value that signals a very high probability of exploitation in the short term and should be the focus of immediate remediation efforts. The most recurrent flaw type, CWE-754 (improper check for exceptional conditions), points to a structural weakness in error handling that tends to appear across multiple components. With 38 critical-severity CVEs, 4 with a publicly available proof of concept, and 27 vulnerabilities that emerged in the last 90 days, the recent pace of exposure demands continuous monitoring and active patch prioritization.

CVE-2022-22217 | MEDIUM | Junos OS: QFX10K Series: Denial of Service (DoS) upon receipt of crafted MLD packets on multi-homing ESI in VXLAN | EPSS 0.3%
CVE-2020-1666 | MEDIUM | Junos OS Evolved: 'console log-out-on-disconnect' fails to terminate session on console cable disconnection | EPSS 0.3%
CVE-2024-21600 | MEDIUM | Junos OS: PTX Series: In an FTI scenario MPLS packets hitting reject next-hop will cause a host path wedge condition | EPSS 0.3%
CVE-2017-2328 | An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an un | EPSS 0.3%
CVE-2023-44183 | MEDIUM | Junos OS: QFX5000 Series, EX4600 Series: In a VxLAN scenario an adjacent attacker within the VxLAN sending genuine packets may cause a DMA memory leak to occur. | EPSS 0.3%
CVE-2024-47503 | HIGH | Junos OS: SRX4600 and SRX5000 Series: Sequence of specific PIM packets causes a flowd crash | EPSS 0.3%
CVE-2024-47498 | HIGH | Junos OS Evolved: QFX5000 Series: Configured MAC learning and move limits are not in effect | EPSS 0.3%
CVE-2017-10606 | MEDIUM | SRX Series: Cryptographic weakness in SRX300 Series TPM Firmware | EPSS 0.3%
CVE-2025-52951 | MEDIUM | Junos OS: IPv6 firewall filter fails to match payload-protocol | EPSS 0.3%
CVE-2017-2316 | A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an auth | EPSS 0.3%
CVE-2017-2330 | A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an un | EPSS 0.3%
CVE-2023-1697 | MEDIUM | Junos OS: QFX10000 Series, PTX1000 Series: The dcpfe process will crash when a malformed ethernet frame is received | EPSS 0.3%
CVE-2020-1688 | MEDIUM | Junos OS: SRX and NFX Series: Insufficient Web API private key protection | EPSS 0.3%
CVE-2024-39561 | MEDIUM | Junos OS: SRX4600, SRX5000 Series: TCP packets with SYN/FIN or SYN/RST are transferred after enabling no-syn-check with Express Path | EPSS 0.3%
CVE-2021-0212 | MEDIUM | Contrail Networking: Administrator credentials are exposed in a plaintext file | EPSS 0.3%
CVE-2020-1682 | MEDIUM | Junos OS: SRX1500, vSRX, SRX4K, NFX150, NFX250: Denial of service vulnerability executing local CLI command | EPSS 0.3%
CVE-2016-4924 | HIGH | vMX: Information leak vulnerability | EPSS 0.3%
CVE-2024-21607 | MEDIUM | Junos OS: MX Series and EX9200 Series: If the "tcp-reset" option used in an IPv6 filter, matched packets are accepted instead of rejected | EPSS 0.3%
CVE-2022-22214 | MEDIUM | Junos OS and Junos OS Evolved: In an MPLS scenario upon receipt of a specific IPv6 packet an FPC will crash | EPSS 0.3%
CVE-2020-1619 | MEDIUM | Junos OS: QFX10K Series, EX9200 Series, MX Series, PTX Series: Privilege escalation vulnerability in NG-RE. | EPSS 0.3%