CVE-2026-33788 (GCVE-0-2026-33788)
Vulnerability from cvelistv5 – Published: 2026-04-09 21:27 – Updated: 2026-04-13 13:04
CWE-306 - Missing Authentication for Critical Function
| URL | Tags |
|---|---|
| https://kb.juniper.net/JSA107806 | vendor-advisory |
| Vendor | Product | Version |
|---|---|---|
| Juniper Networks | Junos OS Evolved | Affected: 0 , < 21.2R3-S8-EVO (semver)<br>Affected: 21.4-EVO , < 21.4R3-S7-EVO (semver)<br>Affected: 22.2-EVO , < 22.2R3-S4-EVO (semver)<br>Affected: 22.3-EVO , < 22.3R3-S3-EVO (semver)<br>Affected: 22.4-EVO , < 22.4R3-S2-EVO (semver)<br>Affected: 23.2-EVO , < 23.2R2-EVO (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-33788",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-10T03:56:13.066855Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T13:04:16.251Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"PTX Series"
],
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.2R3-S8-EVO",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S7-EVO",
"status": "affected",
"version": "21.4-EVO",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S4-EVO",
"status": "affected",
"version": "22.2-EVO",
"versionType": "semver"
},
{
"lessThan": "22.3R3-S3-EVO",
"status": "affected",
"version": "22.3-EVO",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S2-EVO",
"status": "affected",
"version": "22.4-EVO",
"versionType": "semver"
},
{
"lessThan": "23.2R2-EVO",
"status": "affected",
"version": "23.2-EVO",
"versionType": "semver"
}
]
}
],
"datePublic": "2026-04-08T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device.\u003cbr\u003e\u003cbr\u003eA local user with low privileges can gain direct access to the installed FPCs as a high privileged user, which can potentially lead to a full compromise of the affected component.\u003cbr\u003e\u003cbr\u003e\u003cp\u003eThis issue affects\u0026nbsp;Junos OS Evolved on PTX10004, PTX10008, PTX100016, with JNP10K-LC1201 or JNP10K-LC1202:\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions before 21.2R3-S8-EVO,\u003c/li\u003e\u003cli\u003e21.4-EVO versions before 21.4R3-S7-EVO,\u003c/li\u003e\u003cli\u003e22.2-EVO versions before 22.2R3-S4-EVO,\u003c/li\u003e\u003cli\u003e22.3-EVO versions before 22.3R3-S3-EVO,\u003c/li\u003e\u003cli\u003e22.4-EVO versions before 22.4R3-S2-EVO,\u003c/li\u003e\u003cli\u003e23.2-EVO versions before 23.2R2-EVO.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device.\n\nA local user with low privileges can gain direct access to the installed FPCs as a high privileged user, which can potentially lead to a full compromise of the affected component.\n\nThis issue affects\u00a0Junos OS Evolved on PTX10004, PTX10008, PTX100016, with JNP10K-LC1201 or JNP10K-LC1202:\n\n\n\n\n * All versions before 21.2R3-S8-EVO,\n * 21.4-EVO versions before 21.4R3-S7-EVO,\n * 22.2-EVO versions before 22.2R3-S4-EVO,\n * 22.3-EVO versions before 22.3R3-S3-EVO,\n * 22.4-EVO versions before 22.4R3-S2-EVO,\n * 23.2-EVO versions before 23.2R2-EVO."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/AU:Y/R:U/RE:M",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-09T21:27:44.046Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.juniper.net/JSA107806"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S8-EVO, 21.4R3-S7-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-S2-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases."
}
],
"value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S8-EVO, 21.4R3-S7-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-S2-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases."
}
],
"source": {
"advisory": "JSA107806",
"defect": [
"1621525"
],
"discovery": "INTERNAL"
},
"title": "Junos OS Evolved: Local, authenticated attacker can gain privileged access to FPCs",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.\u003cbr\u003e"
}
],
"value": "Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-av217"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2026-33788",
"datePublished": "2026-04-09T21:27:44.046Z",
"dateReserved": "2026-03-23T19:46:13.671Z",
"dateUpdated": "2026-04-13T13:04:16.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-33788",
"date": "2026-05-25",
"epss": "0.00018",
"percentile": "0.0515"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-33788\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2026-04-09T22:16:28.593\",\"lastModified\":\"2026-04-13T15:02:27.760\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device.\\n\\nA local user with low privileges can gain direct access to the installed FPCs as a high privileged user, which can potentially lead to a full compromise of the affected component.\\n\\nThis issue affects\u00a0Junos OS Evolved on PTX10004, PTX10008, PTX100016, with JNP10K-LC1201 or JNP10K-LC1202:\\n\\n\\n\\n\\n * All versions before 21.2R3-S8-EVO,\\n * 21.4-EVO versions before 21.4R3-S7-EVO,\\n * 22.2-EVO versions before 22.2R3-S4-EVO,\\n * 22.3-EVO versions before 22.3R3-S3-EVO,\\n * 22.4-EVO versions before 22.4R3-S2-EVO,\\n * 23.2-EVO versions before 
23.2R2-EVO.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:X\",\"baseScore\":8.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"LOW\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"YES\",\"Recovery\":\"USER\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImp
act\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA107806\",\"source\":\"sirt@juniper.net\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-33788\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-10T03:56:13.066855Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-13T13:00:21.486Z\"}}], \"cna\": {\"title\": \"Junos OS Evolved: Local, authenticated attacker can gain privileged access to FPCs\", \"source\": {\"defect\": [\"1621525\"], \"advisory\": \"JSA107806\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 8.5, \"Automatable\": \"YES\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/AU:Y/R:U/RE:M\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"LOW\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", 
\"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Juniper Networks\", \"product\": \"Junos OS Evolved\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"21.2R3-S8-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"21.4-EVO\", \"lessThan\": \"21.4R3-S7-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.2-EVO\", \"lessThan\": \"22.2R3-S4-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.3-EVO\", \"lessThan\": \"22.3R3-S3-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.4-EVO\", \"lessThan\": \"22.4R3-S2-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.2-EVO\", \"lessThan\": \"23.2R2-EVO\", \"versionType\": \"semver\"}], \"platforms\": [\"PTX Series\"], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e\", \"base64\": false}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"The following software releases have been updated to resolve this specific issue: 21.2R3-S8-EVO, 21.4R3-S7-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-S2-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The following software releases have been updated to resolve this specific issue: 21.2R3-S8-EVO, 21.4R3-S7-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-S2-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases.\", \"base64\": false}]}], \"datePublic\": \"2026-04-08T16:00:00.000Z\", \"references\": [{\"url\": \"https://kb.juniper.net/JSA107806\", \"tags\": [\"vendor-advisory\"]}], 
\"workarounds\": [{\"lang\": \"en\", \"value\": \"Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.\u003cbr\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-av217\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device.\\n\\nA local user with low privileges can gain direct access to the installed FPCs as a high privileged user, which can potentially lead to a full compromise of the affected component.\\n\\nThis issue affects\\u00a0Junos OS Evolved on PTX10004, PTX10008, PTX100016, with JNP10K-LC1201 or JNP10K-LC1202:\\n\\n\\n\\n\\n * All versions before 21.2R3-S8-EVO,\\n * 21.4-EVO versions before 21.4R3-S7-EVO,\\n * 22.2-EVO versions before 22.2R3-S4-EVO,\\n * 22.3-EVO versions before 22.3R3-S3-EVO,\\n * 22.4-EVO versions before 22.4R3-S2-EVO,\\n * 23.2-EVO versions before 23.2R2-EVO.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device.\u003cbr\u003e\u003cbr\u003eA local user with low privileges can gain direct access to the installed FPCs as a high privileged user, which can potentially lead to a full compromise of the affected component.\u003cbr\u003e\u003cbr\u003e\u003cp\u003eThis issue affects\u0026nbsp;Junos OS Evolved on PTX10004, PTX10008, PTX100016, with JNP10K-LC1201 
or JNP10K-LC1202:\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions before 21.2R3-S8-EVO,\u003c/li\u003e\u003cli\u003e21.4-EVO versions before 21.4R3-S7-EVO,\u003c/li\u003e\u003cli\u003e22.2-EVO versions before 22.2R3-S4-EVO,\u003c/li\u003e\u003cli\u003e22.3-EVO versions before 22.3R3-S3-EVO,\u003c/li\u003e\u003cli\u003e22.4-EVO versions before 22.4R3-S2-EVO,\u003c/li\u003e\u003cli\u003e23.2-EVO versions before 23.2R2-EVO.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-306\", \"description\": \"CWE-306 Missing Authentication for Critical Function\"}]}], \"providerMetadata\": {\"orgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"shortName\": \"juniper\", \"dateUpdated\": \"2026-04-09T21:27:44.046Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-33788\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-13T13:04:16.251Z\", \"dateReserved\": \"2026-03-23T19:46:13.671Z\", \"assignerOrgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"datePublished\": \"2026-04-09T21:27:44.046Z\", \"assignerShortName\": \"juniper\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2026-AVI-0408
Vulnerability from certfr_avis - Published: 2026-04-09 - Updated: 2026-04-09
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Junos OS versions 24.2 antérieures à 24.2R2-S4 sur SRX Series et MX Series | ||
| Juniper Networks | N/A | Junos OS versions 24.4R2 antérieures à 24.4R2-S3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.4-EVO antérieures à 23.4R2-S8-EVO | ||
| Juniper Networks | N/A | Junos OS versions 22.4 antérieures à 22.4R3-S9 sur SRX Series | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.4R3 antérieures à 22.4R3-S8-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 21.2R3-S8-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202 | ||
| Juniper Networks | N/A | Junos OS versions 24.4R1 antérieures à 24.4R1-S3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 24.4R1-EVO antérieures à 24.4R1-S3-EVO | ||
| Juniper Networks | N/A | Junos OS versions 21.4 antérieures à 21.4R3-S12 sur SRX Series | ||
| Juniper Networks | N/A | Junos OS Evolved versions 21.4-EVO antérieures à 21.4R3-S7-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202 | ||
| Juniper Networks | N/A | Junos OS versions 23.4 antérieures à 23.4R2-S7 | ||
| Juniper Networks | N/A | Junos OS versions 24.2 antérieures à 24.2R2-S3 sur SRX Series | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 23.2R2-S6 sur SRX Series et MX Series | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.3-EVO antérieures à 22.3R3-S3-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.4R3 antérieures à 22.4R3-S9-EVO sur PTX Series | ||
| Juniper Networks | N/A | Junos OS versions 23.4 antérieures à 23.4R2-S7 sur SRX Series | ||
| Juniper Networks | N/A | Junos OS versions 25.2R2 antérieures à 25.2R2 | ||
| Juniper Networks | N/A | Junos OS versions 25.2R1 antérieures à 25.2R1-S2 | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 23.4R2-S7 sur SRX Series et MX Series | ||
| Juniper Networks | N/A | Junos OS versions 24.2R2 antérieures à 24.2R2-S4 | ||
| Juniper Networks | N/A | Junos OS versions 23.2 antérieures à 23.2R2-S6 sur SRX Series | ||
| Juniper Networks | N/A | Junos OS Evolved versions 25.2R2-EVO antérieures à 25.2R2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 24.2-EVO antérieures à 24.2R2-S4-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.4-EVO antérieures à 22.4R3-S2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202 | ||
| Juniper Networks | N/A | Junos OS versions 21.2R3 antérieures à 21.2R3-S10 sur SRX Series | ||
| Juniper Networks | N/A | Junos OS versions 22.4 antérieures à 22.4R3-S9 sur SRX Series et MX Series | ||
| Juniper Networks | N/A | Junos OS versions 25.2 antérieures à 25.2R2 sur SRX Series et MX Series | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S5-EVO | ||
| Juniper Networks | N/A | Junos OS versions 23.2R2 antérieures à 23.2R2-S7 | ||
| Juniper Networks | N/A | JSI vLWC versions antérieures à 3.0.94 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S6-EVO sur PTX Series | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202 | ||
| Juniper Networks | N/A | Junos OS versions 22.2 antérieures à 22.2R3-S8 sur SRX Series | ||
| Juniper Networks | N/A | Junos OS versions 22.4R3 antérieures à 22.4R3-S9 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 25.2R1-EVO antérieures à 25.2R1-S2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 24.4R2-EVO antérieures à 24.4R2-S3-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.2-EVO antérieures à 22.2R3-S4-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS versions 24.2 ant\u00e9rieures \u00e0 24.2R2-S4 sur SRX Series et MX Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 24.4R2 ant\u00e9rieures \u00e0 24.4R2-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R2-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S9 sur SRX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.4R3 ant\u00e9rieures \u00e0 22.4R3-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 21.2R3-S8-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 24.4R1 ant\u00e9rieures \u00e0 24.4R1-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 24.4R1-EVO ant\u00e9rieures \u00e0 24.4R1-S3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S12 sur SRX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.4-EVO ant\u00e9rieures \u00e0 21.4R3-S7-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R2-S7",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 24.2 ant\u00e9rieures \u00e0 24.2R2-S3 sur SRX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 23.2R2-S6 sur SRX Series et MX Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R3-S3-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.4R3 ant\u00e9rieures \u00e0 22.4R3-S9-EVO sur PTX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R2-S7 sur SRX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 25.2R2 ant\u00e9rieures \u00e0 25.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 25.2R1 ant\u00e9rieures \u00e0 25.2R1-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 23.4R2-S7 sur SRX Series et MX Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 24.2R2 ant\u00e9rieures \u00e0 24.2R2-S4",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.2 ant\u00e9rieures \u00e0 23.2R2-S6 sur SRX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 25.2R2-EVO ant\u00e9rieures \u00e0 25.2R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 24.2-EVO ant\u00e9rieures \u00e0 24.2R2-S4-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R3-S2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.2R3 ant\u00e9rieures \u00e0 21.2R3-S10 sur SRX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S9 sur SRX Series et MX Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 25.2 ant\u00e9rieures \u00e0 25.2R2 sur SRX Series et MX Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-S5-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.2R2 ant\u00e9rieures \u00e0 23.2R2-S7",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": " JSI vLWC versions ant\u00e9rieures \u00e0 3.0.94",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-S6-EVO sur PTX Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S8 sur SRX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.4R3 ant\u00e9rieures \u00e0 22.4R3-S9",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 25.2R1-EVO ant\u00e9rieures \u00e0 25.2R1-S2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 24.4R2-EVO ant\u00e9rieures \u00e0 24.4R2-S3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.2-EVO ant\u00e9rieures \u00e0 22.2R3-S4-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-33773",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33773"
},
{
"name": "CVE-2026-33785",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33785"
},
{
"name": "CVE-2026-33780",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33780"
},
{
"name": "CVE-2022-24805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24805"
},
{
"name": "CVE-2026-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21919"
},
{
"name": "CVE-2026-33771",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33771"
},
{
"name": "CVE-2025-30650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30650"
},
{
"name": "CVE-2026-33797",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33797"
},
{
"name": "CVE-2026-33779",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33779"
},
{
"name": "CVE-2025-13914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13914"
},
{
"name": "CVE-2026-33784",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33784"
},
{
"name": "CVE-2026-33786",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33786"
},
{
"name": "CVE-2026-33776",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33776"
},
{
"name": "CVE-2026-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21916"
},
{
"name": "CVE-2026-33781",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33781"
},
{
"name": "CVE-2026-33787",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33787"
},
{
"name": "CVE-2026-33778",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33778"
},
{
"name": "CVE-2026-33791",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33791"
},
{
"name": "CVE-2026-33790",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33790"
},
{
"name": "CVE-2026-33783",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33783"
},
{
"name": "CVE-2026-33774",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33774"
},
{
"name": "CVE-2026-33775",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33775"
},
{
"name": "CVE-2026-33788",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33788"
},
{
"name": "CVE-2026-33782",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33782"
},
{
"name": "CVE-2026-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21915"
}
],
"initial_release_date": "2026-04-09T00:00:00",
"last_revision_date": "2026-04-09T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0408",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-04-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107868",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-MX-Series-When-a-specifically-malformed-first-ISAKMP-packet-is-received-kmd-iked-crashes-CVE-2026-33778"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107864",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-CTP-OS-Configuring-password-requirements-does-not-work-which-permits-the-use-of-weak-passwords-CVE-2026-33771"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107863",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Privileged-local-user-can-gain-access-to-a-Linux-based-FPC-as-root-CVE-2025-30650"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107823",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-Insufficient-certificate-verification-for-device-to-SD-cloud-communication-CVE-2026-33779"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107822",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-CVE-2022-24805-resolved-in-net-SNMP"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107872",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Missing-Authorization-for-specific-request-CLI-commands-in-a-JDM-CSDS-scenario-CVE-2026-33785"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107869",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-EX-Series-QFX-Series-In-a-VXLAN-scenario-when-specific-control-protocol-packets-are-received-memory-leaks-and-eventually-no-traffic-is-passed-CVE-2026-33781"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107821",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Mismatch-between-configured-and-received-packet-types-causes-memory-leak-in-bbe-smgd-CVE-2026-33775"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107865",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Firewall-filters-on-lo0-non-0-in-the-default-routing-instance-are-not-in-effect-CVE-2026-33774"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107810",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX1600-SRX2300-SRX4300-When-a-specific-show-command-is-executed-chassisd-crashes-CVE-2026-33786"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107871",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-vLWC-Default-password-is-not-required-to-be-changed-which-allows-unauthorized-high-privileged-access-CVE-2026-33784"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107820",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-In-specific-DHCPv6-scenarios-jdhcpd-memory-increases-continuously-with-subscriber-logouts-CVE-2026-33782"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107815",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-EX-Series-QFX-Series-If-the-same-egress-filter-is-configured-on-both-an-IRB-and-a-physical-interface-one-of-those-is-not-applied-CVE-2026-33773"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA106019",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-high-frequency-of-connecting-and-disconnecting-netconf-sessions-causes-management-unavailability-CVE-2026-21919"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107850",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-attacker-sending-a-specific-genuine-BGP-packet-causes-a-BGP-reset-CVE-2026-33797"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107866",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Specific-low-privileged-CLI-command-exposes-sensitive-information-CVE-2026-33776"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107873",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX1500-SRX4100-SRX4200-SRX4600-When-a-specific-show-command-is-executed-chassisd-crashes-CVE-2026-33787"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107874",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-In-a-NAT64-configuration-receipt-of-a-specific-malformed-ICMPv6-packet-will-cause-the-srxpfe-process-to-crash-and-restart-CVE-2026-33790"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107875",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Execution-of-crafted-CLI-commands-allows-for-arbitrary-shell-injection-as-root-CVE-2026-33791"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107807",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-A-low-privileged-user-can-escalate-their-privileges-so-that-they-can-login-as-root-CVE-2026-21916"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107806",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Evolved-Local-authenticated-attackers-can-gain-access-to-FPCs-CVE-2026-33788"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA106016",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-JSI-Virtual-Lightweight-Collector-Shell-escape-allows-privilege-escalation-to-root-CVE-2026-21915"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107819",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-EVPN-MPLS-scenario-churn-of-ESI-routes-causes-a-memory-leak-in-l2ald-CVE-2026-33780"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107862",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Apstra-SSH-host-key-validation-vulnerability-for-managed-devices-CVE-2025-13914"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107870",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Evolved-PTX-Series-If-SRTE-tunnels-provisioned-via-PCEP-are-present-and-specific-gRPC-queries-are-received-evo-aftman-crashes-CVE-2026-33783"
}
]
}
FKIE_CVE-2026-33788
Vulnerability from fkie_nvd - Published: 2026-04-09 22:16 - Updated: 2026-04-13 15:02
| Vendor | Product | Version |
|---|---|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device.\n\nA local user with low privileges can gain direct access to the installed FPCs as a high privileged user, which can potentially lead to a full compromise of the affected component.\n\nThis issue affects\u00a0Junos OS Evolved on PTX10004, PTX10008, PTX100016, with JNP10K-LC1201 or JNP10K-LC1202:\n\n\n\n\n * All versions before 21.2R3-S8-EVO,\n * 21.4-EVO versions before 21.4R3-S7-EVO,\n * 22.2-EVO versions before 22.2R3-S4-EVO,\n * 22.3-EVO versions before 22.3R3-S3-EVO,\n * 22.4-EVO versions before 22.4R3-S2-EVO,\n * 23.2-EVO versions before 23.2R2-EVO."
}
],
"id": "CVE-2026-33788",
"lastModified": "2026-04-13T15:02:27.760",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "sirt@juniper.net",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
},
"published": "2026-04-09T22:16:28.593",
"references": [
{
"source": "sirt@juniper.net",
"url": "https://kb.juniper.net/JSA107806"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "sirt@juniper.net",
"type": "Primary"
}
]
}
GHSA-W5Q7-9FQR-F6HX
Vulnerability from github – Published: 2026-04-10 00:30 – Updated: 2026-04-10 00:30
A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device.
A local user with low privileges can gain direct access to the installed FPCs as a high privileged user, which can potentially lead to a full compromise of the affected component.
This issue affects Junos OS Evolved on PTX10004, PTX10008, PTX100016, with JNP10K-LC1201 or JNP10K-LC1202:
- All versions before 21.2R3-S8-EVO,
- 21.4-EVO versions before 21.4R3-S7-EVO,
- 22.2-EVO versions before 22.2R3-S4-EVO,
- 22.3-EVO versions before 22.3R3-S3-EVO,
- 22.4-EVO versions before 22.4R3-S2-EVO,
- 23.2-EVO versions before 23.2R2-EVO.
{
"affected": [],
"aliases": [
"CVE-2026-33788"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-09T22:16:28Z",
"severity": "HIGH"
},
"details": "A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device.\n\nA local user with low privileges can gain direct access to the installed FPCs as a high privileged user, which can potentially lead to a full compromise of the affected component.\n\nThis issue affects\u00a0Junos OS Evolved on PTX10004, PTX10008, PTX100016, with JNP10K-LC1201 or JNP10K-LC1202:\n\n\n\n\n * All versions before 21.2R3-S8-EVO,\n * 21.4-EVO versions before 21.4R3-S7-EVO,\n * 22.2-EVO versions before 22.2R3-S4-EVO,\n * 22.3-EVO versions before 22.3R3-S3-EVO,\n * 22.4-EVO versions before 22.4R3-S2-EVO,\n * 23.2-EVO versions before 23.2R2-EVO.",
"id": "GHSA-w5q7-9fqr-f6hx",
"modified": "2026-04-10T00:30:29Z",
"published": "2026-04-10T00:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33788"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA107806"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:X",
"type": "CVSS_V4"
}
]
}
NCSC-2026-0108
Vulnerability from csaf_ncscnl - Published: 2026-04-10 12:06 - Updated: 2026-04-10 12:06
A missing authentication vulnerability in Juniper Networks Junos OS Evolved on PTX Series allows low-privileged local users to gain high-privileged access to Flexible PIC Concentrators, risking full component compromise.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / PTX100016
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / PTX10004
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / PTX10008
|
vers:unknown/* |
| URL | Category |
|---|---|
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-… | self |
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Juniper heeft een kwetsbaarheid verholpen in Junos OS Evolved draaiend op PTX Series apparaten.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan deze kwetsbaarheid misbruiken om zijn rechten te verhogen. De kwetsbaarheid zit in de Flexible PIC Concentrators (FPC\u2019s) van Juniper Networks Junos OS Evolved op PTX-systemen. De kwetsbaarheid kan leiden tot volledige compromittering van de Flexible PIC Concentrator component. De oorzaak ligt in onvoldoende access controls binnen de Junos OS Evolved omgeving op PTX Series hardware.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Juniper heeft patches uitgebracht om de kwetsbaarheid te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Evolved-Local-authenticated-attackers-can-gain-access-to-FPCs-CVE-2026-33788"
}
],
"title": "Kwetsbaarheid verholpen in Juniper Networks Junos OS Evolved",
"tracking": {
"current_release_date": "2026-04-10T12:06:13.479822Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2026-0108",
"initial_release_date": "2026-04-10T12:06:13.479822Z",
"revision_history": [
{
"date": "2026-04-10T12:06:13.479822Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Junos OS Evolved"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "PTX100016"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "PTX10004"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "PTX10008"
}
],
"category": "vendor",
"name": "Juniper Networks"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33788",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "other",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "description",
"text": "A missing authentication vulnerability in Juniper Networks Junos OS Evolved on PTX Series allows low-privileged local users to gain high-privileged access to Flexible PIC Concentrators, risking full component compromise.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/AU:Y/R:U/RE:M",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-33788 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-33788.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
}
],
"title": "CVE-2026-33788"
}
]
}
WID-SEC-W-2026-1022
Vulnerability from csaf_certbund - Published: 2026-04-08 22:00 - Updated: 2026-04-09 22:00
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <24.1R5 Patch V3
Juniper / Junos Space
|
<24.1R5 Patch V3 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Apstra <6.1.1
Juniper / Apstra
|
<6.1.1 |
| URL | Category |
|---|---|
| https://wid.cert-bund.de/.well-known/csaf/white/2… | self |
| https://wid.cert-bund.de/portal/wid/securityadvis… | self |
| https://supportportal.juniper.net/s/global-search… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
| https://supportportal.juniper.net/s/article/2026-… | external |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Juniper Apstra (ehemals bekannt als AOS) automatisiert alle Aspekte der Rechenzentrums-Netzwerkplanung, des Aufbaus, der Bereitstellung und des Betriebs.\r\nJUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.\r\nDie Switches der QFX-Serie von Juniper sichern und automatisieren Netzwerke in Rechenzentren. \r\nDie Juniper MX-Serie ist eine Produktfamilie von Routern.\r\nSRX Series Services Gateways ist eine Next-Generation Anti-Threat Firewall von Juniper.\r\nJunos Space ist eine Software-Plattform, die eine Reihe von Applikationen f\u00fcr das Netzwerkmanagement beinhaltet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Juniper Apstra, Junos OS, Junos OS Evolved und Junos Space ausnutzen, um erweiterte Berechtigungen \u2013 sogar Root-Rechte \u2013 zu erlangen, beliebigen Code auszuf\u00fchren \u2013 auch mit erweiterten Berechtigungen \u2013, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, Cross-Site-Scripting-Angriffe durchzuf\u00fchren oder Daten zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1022 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1022.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1022 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1022"
},
{
"category": "external",
"summary": "Juniper Patchday April 2026 vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/global-search/%40uri#sortCriteria=date%20descending\u0026f-sf_primarysourcename=Knowledge\u0026f-sf_articletype=Security%20Advisories\u0026numberOfResults=100"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Apstra: SSH host key validation vulnerability for managed devices (CVE-2025-13914) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Apstra-SSH-host-key-validation-vulnerability-for-managed-devices-CVE-2025-13914"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - CTP OS: Configuring password requirements does not work which permits the use of weak passwords (CVE-2026-33771) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-CTP-OS-Configuring-password-requirements-does-not-work-which-permits-the-use-of-weak-passwords-CVE-2026-33771"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - JSI Virtual Lightweight Collector: Shell escape allows privilege escalation to root (CVE-2026-21915) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-JSI-Virtual-Lightweight-Collector-Shell-escape-allows-privilege-escalation-to-root-CVE-2026-21915"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS and Junos OS Evolved: A high frequency of connecting and disconnecting netconf sessions causes management unavailability (CVE-2026-21919) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-high-frequency-of-connecting-and-disconnecting-netconf-sessions-causes-management-unavailability-CVE-2026-21919"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS and Junos OS Evolved: An attacker sending a specific genuine BGP packet causes a BGP reset (CVE-2026-33797) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-attacker-sending-a-specific-genuine-BGP-packet-causes-a-BGP-reset-CVE-2026-33797"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS and Junos OS Evolved: CVE-2022-24805 resolved in net-SNMP vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-CVE-2022-24805-resolved-in-net-SNMP"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS and Junos OS Evolved: Execution of crafted CLI commands allows for arbitrary shell injection as root (CVE-2026-33791) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Execution-of-crafted-CLI-commands-allows-for-arbitrary-shell-injection-as-root-CVE-2026-33791"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS and Junos OS Evolved: In an EVPN-MPLS scenario churn of ESI routes causes a memory leak in l2ald (CVE-2026-33780) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-EVPN-MPLS-scenario-churn-of-ESI-routes-causes-a-memory-leak-in-l2ald-CVE-2026-33780"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS and Junos OS Evolved: Specific low privileged CLI command exposes sensitive information (CVE-2026-33776) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Specific-low-privileged-CLI-command-exposes-sensitive-information-CVE-2026-33776"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS and Junos OS Evolved: When an unsigned Python op script configuration is present, a local low privileged user can compromise the system (CVE-2026-33793) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-an-unsigned-Python-op-script-configuration-is-present-a-local-low-privileged-user-can-compromise-the-system-CVE-2026-33793"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS Evolved: Local, authenticated attackers can gain access to FPCs (CVE-2026-33788) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Evolved-Local-authenticated-attackers-can-gain-access-to-FPCs-CVE-2026-33788"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS Evolved: PTX Series: If SRTE tunnels provisioned via PCEP are present and specific gRPC queries are received evo-aftman crashes (CVE-2026-33783) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Evolved-PTX-Series-If-SRTE-tunnels-provisioned-via-PCEP-are-present-and-specific-gRPC-queries-are-received-evo-aftman-crashes-CVE-2026-33783"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS Evolved: QFX5000 Series and PTX Series: An attacker sending crafted multicast packets will cause evo-aftmand / evo-pfemand to crash and restart (CVE-2025-59969) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Evolved-QFX5000-Series-and-PTX-Series-An-attacker-sending-crafted-multicast-packets-will-cause-evo-aftmand-evo-pfemand-to-crash-and-restart-CVE-2025-59969"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: A low privileged user can escalate their privileges so that they can login as root (CVE-2026-21916) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-A-low-privileged-user-can-escalate-their-privileges-so-that-they-can-login-as-root-CVE-2026-21916"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: EX Series, QFX Series: If the same egress filter is configured on both an IRB and a physical interface one of those is not applied (CVE-2026-33773) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-EX-Series-QFX-Series-If-the-same-egress-filter-is-configured-on-both-an-IRB-and-a-physical-interface-one-of-those-is-not-applied-CVE-2026-33773"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: EX Series, QFX Series: In a VXLAN scenario when specific control protocol packets are received, memory leaks and eventually no traffic is passed (CVE-2026-33781) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-EX-Series-QFX-Series-In-a-VXLAN-scenario-when-specific-control-protocol-packets-are-received-memory-leaks-and-eventually-no-traffic-is-passed-CVE-2026-33781"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: MX Series: Firewall filters on lo0.\u003cnon-0\u003e in the default routing instance are not in effect (CVE-2026-33774) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Firewall-filters-on-lo0-non-0-in-the-default-routing-instance-are-not-in-effect-CVE-2026-33774"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: MX Series: In specific DHCPv6 scenarios jdhcpd memory increases continuously with subscriber logouts (CVE-2026-33782) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-In-specific-DHCPv6-scenarios-jdhcpd-memory-increases-continuously-with-subscriber-logouts-CVE-2026-33782"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: MX Series: Mismatch between configured and received packet types causes memory leak in bbe-smgd (CVE-2026-33775) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Mismatch-between-configured-and-received-packet-types-causes-memory-leak-in-bbe-smgd-CVE-2026-33775"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: MX Series: Missing Authorization for specific \u0027request\u0027 CLI commands in a JDM/CSDS scenario (CVE-2026-33785) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Missing-Authorization-for-specific-request-CLI-commands-in-a-JDM-CSDS-scenario-CVE-2026-33785"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: Privileged local user can gain access to a Linux-based FPC as root (CVE-2025-30650) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Privileged-local-user-can-gain-access-to-a-Linux-based-FPC-as-root-CVE-2025-30650"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: SRX Series, MX Series: When a specifically malformed first ISAKMP packet is received kmd/iked crashes (CVE-2026-33778) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-MX-Series-When-a-specifically-malformed-first-ISAKMP-packet-is-received-kmd-iked-crashes-CVE-2026-33778"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: SRX Series: In a NAT64 configuration, receipt of a specific, malformed ICMPv6 packet will cause the srxpfe process to crash and restart. (CVE-2026-33790) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-In-a-NAT64-configuration-receipt-of-a-specific-malformed-ICMPv6-packet-will-cause-the-srxpfe-process-to-crash-and-restart-CVE-2026-33790"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: SRX Series: Insufficient certificate verification for device to SD cloud communication (CVE-2026-33779) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-Insufficient-certificate-verification-for-device-to-SD-cloud-communication-CVE-2026-33779"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specific show command is executed chassisd crashes (CVE-2026-33787) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX1500-SRX4100-SRX4200-SRX4600-When-a-specific-show-command-is-executed-chassisd-crashes-CVE-2026-33787"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: SRX1600, SRX2300, SRX4300: When a specific show command is executed chassisd crashes (CVE-2026-33786) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX1600-SRX2300-SRX4300-When-a-specific-show-command-is-executed-chassisd-crashes-CVE-2026-33786"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos Space: ilpFilter field on nLegacy.jsp is vulnerable to reflected cross-site script injection (CVE-2026-21904) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-Space-ilpFilter-field-on-nLegacy-jsp-is-vulnerable-to-reflected-cross-site-script-injection-CVE-2026-21904"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - vLWC: Default password is not required to be changed which allows unauthorized high-privileged access (CVE-2026-33784) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-vLWC-Default-password-is-not-required-to-be-changed-which-allows-unauthorized-high-privileged-access-CVE-2026-33784"
}
],
"source_lang": "en-US",
"title": "Juniper Patchday April 2026: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-04-09T22:00:00.000+00:00",
"generator": {
"date": "2026-04-10T07:05:13.126+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-1022",
"initial_release_date": "2026-04-08T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-08T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-04-09T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2026-21088, EUVD-2026-21086, EUVD-2026-21091, EUVD-2026-21090, EUVD-2026-21085, EUVD-2026-21092, EUVD-2026-21080, EUVD-2026-21082, EUVD-2026-21078, EUVD-2026-21077, EUVD-2025-209396, EUVD-2026-21095, EUVD-2026-21206, EUVD-2026-21205, EUVD-2026-21204, EUVD-2026-21203, EUVD-2026-21201, EUVD-2026-21199, EUVD-2026-21197, EUVD-2026-21196, EUVD-2026-21195, EUVD-2025-209397, EUVD-2026-21093, EUVD-2026-21207, EUVD-2026-21193, EUVD-2026-21208"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.1.1",
"product": {
"name": "Juniper Apstra \u003c6.1.1",
"product_id": "T052563"
}
},
{
"category": "product_version",
"name": "6.1.1",
"product": {
"name": "Juniper Apstra 6.1.1",
"product_id": "T052563-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:apstra:6.1.1"
}
}
}
],
"category": "product_name",
"name": "Apstra"
},
{
"branches": [
{
"category": "product_version",
"name": "OS",
"product": {
"name": "Juniper JUNOS OS",
"product_id": "T052565",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:os"
}
}
},
{
"category": "product_version",
"name": "OS Evolved",
"product": {
"name": "Juniper JUNOS OS Evolved",
"product_id": "T052566",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:os_evolved"
}
}
}
],
"category": "product_name",
"name": "JUNOS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c24.1R5 Patch V3",
"product": {
"name": "Juniper Junos Space \u003c24.1R5 Patch V3",
"product_id": "T052571"
}
},
{
"category": "product_version",
"name": "24.1R5 Patch V3",
"product": {
"name": "Juniper Junos Space 24.1R5 Patch V3",
"product_id": "T052571-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:24.1r5_patch_v3"
}
}
}
],
"category": "product_name",
"name": "Junos Space"
},
{
"category": "product_name",
"name": "Juniper MX Series",
"product": {
"name": "Juniper MX Series",
"product_id": "T052568",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:mx:-"
}
}
},
{
"category": "product_name",
"name": "Juniper QFX Series",
"product": {
"name": "Juniper QFX Series",
"product_id": "T052567",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:qfx:os_evolved"
}
}
},
{
"category": "product_name",
"name": "Juniper SRX Series",
"product": {
"name": "Juniper SRX Series",
"product_id": "T052569",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:srx_service_gateways:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24805",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2022-24805"
},
{
"cve": "CVE-2025-30650",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2025-30650"
},
{
"cve": "CVE-2025-59969",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2025-59969"
},
{
"cve": "CVE-2026-21915",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-21915"
},
{
"cve": "CVE-2026-21916",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-21916"
},
{
"cve": "CVE-2026-21919",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-21919"
},
{
"cve": "CVE-2026-33771",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33771"
},
{
"cve": "CVE-2026-33773",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33773"
},
{
"cve": "CVE-2026-33774",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33774"
},
{
"cve": "CVE-2026-33775",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33775"
},
{
"cve": "CVE-2026-33776",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33776"
},
{
"cve": "CVE-2026-33778",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33778"
},
{
"cve": "CVE-2026-33779",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33779"
},
{
"cve": "CVE-2026-33780",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33780"
},
{
"cve": "CVE-2026-33781",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33781"
},
{
"cve": "CVE-2026-33782",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33782"
},
{
"cve": "CVE-2026-33783",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33783"
},
{
"cve": "CVE-2026-33784",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33784"
},
{
"cve": "CVE-2026-33785",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33785"
},
{
"cve": "CVE-2026-33786",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33786"
},
{
"cve": "CVE-2026-33787",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33787"
},
{
"cve": "CVE-2026-33788",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33788"
},
{
"cve": "CVE-2026-33790",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33790"
},
{
"cve": "CVE-2026-33791",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33791"
},
{
"cve": "CVE-2026-33793",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33793"
},
{
"cve": "CVE-2026-33797",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33797"
},
{
"cve": "CVE-2026-21904",
"product_status": {
"known_affected": [
"T052571"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-21904"
},
{
"cve": "CVE-2025-13914",
"product_status": {
"known_affected": [
"T052563"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2025-13914"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.