Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-52987 (GCVE-0-2025-52987)
Vulnerability from cvelistv5 – Published: 2026-01-15 20:10 – Updated: 2026-01-16 17:15
VLAI?
EPSS
Title
Paragon Automation: A clickjacking vulnerability in the web server configuration has been addressed
Summary
A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting with the interface under the attacker's control.
This issue affects all versions of Paragon Automation (Pathfinder, Planner, Insights) before 24.1.1.
Severity ?
CWE
- CWE-1021 - Improper Restriction of Rendered UI Layers or Frames
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://supportportal.juniper.net/ | vendor-advisory |
| https://kb.juniper.net/JSA103145 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Paragon Automation (Pathfinder, Planner, Insights) |
Affected:
0 , < 24.1.1
(semver)
|
Date Public ?
2026-01-14 17:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-52987",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-16T17:15:04.101708Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T17:15:12.022Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Paragon Automation (Pathfinder, Planner, Insights)",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "24.1.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2026-01-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application\u0027s failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting with the interface under the attacker\u0027s control.\u0026nbsp;\u003c/p\u003e\u003cp\u003eThis issue affects all versions of Paragon Automation (Pathfinder, Planner, Insights) before 24.1.1.\u003c/p\u003e"
}
],
"value": "A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application\u0027s failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting with the interface under the attacker\u0027s control.\u00a0\n\nThis issue affects all versions of Paragon Automation (Pathfinder, Planner, Insights) before 24.1.1."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/RE:M",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1021",
"description": "CWE-1021 Improper Restriction of Rendered UI Layers or Frames",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-15T20:10:44.846Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.juniper.net/JSA103145"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue:\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e24.1.1\u003c/span\u003e, and all subsequent releases."
}
],
"value": "The following software releases have been updated to resolve this specific issue:\u00a024.1.1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA103145",
"defect": [
"DV-6555"
],
"discovery": "USER"
},
"title": "Paragon Automation: A clickjacking vulnerability in the web server configuration has been addressed",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue."
}
],
"value": "There are no known workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2025-52987",
"datePublished": "2026-01-15T20:10:44.846Z",
"dateReserved": "2025-06-23T18:23:44.546Z",
"dateUpdated": "2026-01-16T17:15:12.022Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-52987",
"date": "2026-05-22",
"epss": "9e-05",
"percentile": "0.00869"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-52987\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2026-01-15T21:16:02.653\",\"lastModified\":\"2026-01-26T18:01:01.997\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application\u0027s failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting with the interface under the attacker\u0027s control.\u00a0\\n\\nThis issue affects all versions of Paragon Automation (Pathfinder, Planner, Insights) before 24.1.1.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:M/U:X\",\"baseScore\":5.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"ACTIVE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"LOW\",\"subIntegrityImpact\":\"LOW\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1021\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:juniper:paragon_automation:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"24.1.1\",\"matchCriteriaId\":\"6E0B7E88-1016-4ED6-86C3-B60B6D8CE501\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA103145\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://supportportal.juniper.net/\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Permissions Required\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-52987\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-16T17:15:04.101708Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-16T17:15:09.231Z\"}}], \"cna\": {\"title\": \"Paragon Automation: A clickjacking vulnerability in the web server configuration has been addressed\", \"source\": {\"defect\": [\"DV-6555\"], \"advisory\": \"JSA103145\", \"discovery\": \"USER\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 5.1, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/RE:M\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"ACTIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"LOW\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"LOW\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Juniper Networks\", \"product\": \"Paragon Automation (Pathfinder, Planner, Insights)\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"24.1.1\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"base64\": false}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"The following software releases have been updated to resolve this specific issue:\\u00a024.1.1, and all subsequent releases.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The following software releases have been updated to resolve this specific issue:\u0026nbsp;\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e24.1.1\u003c/span\u003e, and all subsequent releases.\", \"base64\": false}]}], \"datePublic\": \"2026-01-14T17:00:00.000Z\", \"references\": [{\"url\": \"https://supportportal.juniper.net/\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://kb.juniper.net/JSA103145\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"There are no known workarounds for this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"There are no known workarounds for this issue.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application\u0027s failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting with the interface under the attacker\u0027s control.\\u00a0\\n\\nThis issue affects all versions of Paragon Automation (Pathfinder, Planner, Insights) before 24.1.1.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eA clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application\u0027s failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting with the interface under the attacker\u0027s control.\u0026nbsp;\u003c/p\u003e\u003cp\u003eThis issue affects all versions of Paragon Automation (Pathfinder, Planner, Insights) before 24.1.1.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1021\", \"description\": \"CWE-1021 Improper Restriction of Rendered UI Layers or Frames\"}]}], \"providerMetadata\": {\"orgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"shortName\": \"juniper\", \"dateUpdated\": \"2026-01-15T20:10:44.846Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-52987\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-16T17:15:12.022Z\", \"dateReserved\": \"2025-06-23T18:23:44.546Z\", \"assignerOrgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"datePublished\": \"2026-01-15T20:10:44.846Z\", \"assignerShortName\": \"juniper\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2025-52987
Vulnerability from fkie_nvd - Published: 2026-01-15 21:16 - Updated: 2026-01-26 18:01
Severity ?
Summary
A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting with the interface under the attacker's control.
This issue affects all versions of Paragon Automation (Pathfinder, Planner, Insights) before 24.1.1.
References
| URL | Tags | ||
|---|---|---|---|
| sirt@juniper.net | https://kb.juniper.net/JSA103145 | Vendor Advisory | |
| sirt@juniper.net | https://supportportal.juniper.net/ | Permissions Required |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | paragon_automation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:paragon_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0B7E88-1016-4ED6-86C3-B60B6D8CE501",
"versionEndExcluding": "24.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application\u0027s failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting with the interface under the attacker\u0027s control.\u00a0\n\nThis issue affects all versions of Paragon Automation (Pathfinder, Planner, Insights) before 24.1.1."
},
{
"lang": "es",
"value": "Una vulnerabilidad de clickjacking existe en el portal web de Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) debido a que la aplicaci\u00f3n no establece los encabezados HTTP X-Frame-Options y X-Content-Type adecuados. Esta vulnerabilidad permite a un atacante enga\u00f1ar a los usuarios para que interact\u00faen con la interfaz bajo el control del atacante.\n\nEste problema afecta a todas las versiones de Paragon Automation (Pathfinder, Planner, Insights) anteriores a la 24.1.1."
}
],
"id": "CVE-2025-52987",
"lastModified": "2026-01-26T18:01:01.997",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "sirt@juniper.net",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:M/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
},
"published": "2026-01-15T21:16:02.653",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA103145"
},
{
"source": "sirt@juniper.net",
"tags": [
"Permissions Required"
],
"url": "https://supportportal.juniper.net/"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
],
"source": "sirt@juniper.net",
"type": "Primary"
}
]
}
GHSA-JWHH-CC56-QR9M
Vulnerability from github – Published: 2026-01-15 21:31 – Updated: 2026-01-15 21:31
VLAI?
Details
A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting with the interface under the attacker's control.
This issue affects all versions of Paragon Automation (Pathfinder, Planner, Insights) before 24.1.1.
Severity ?
{
"affected": [],
"aliases": [
"CVE-2025-52987"
],
"database_specific": {
"cwe_ids": [
"CWE-1021"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-15T21:16:02Z",
"severity": "MODERATE"
},
"details": "A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application\u0027s failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting with the interface under the attacker\u0027s control.\u00a0\n\nThis issue affects all versions of Paragon Automation (Pathfinder, Planner, Insights) before 24.1.1.",
"id": "GHSA-jwhh-cc56-qr9m",
"modified": "2026-01-15T21:31:47Z",
"published": "2026-01-15T21:31:47Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52987"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA103145"
},
{
"type": "WEB",
"url": "https://supportportal.juniper.net"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:M/U:X",
"type": "CVSS_V4"
}
]
}
NCSC-2026-0017
Vulnerability from csaf_ncscnl - Published: 2026-01-16 10:07 - Updated: 2026-01-16 10:07Summary
Kwetsbaarheden verholpen in Juniper Networks JunOS
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Juniper heeft kwetsbaarheden verholpen in Junos OS (Specifiek voor SRX en MX Series apparaten).
Interpretaties: De kwetsbaarheden in Junos OS omvatten verschillende problemen, waaronder clickjacking, Denial-of-Service (DoS) door malformed packets, en kwetsbaarheden die kunnen worden misbruikt door ongeauthenticeerde aanvallers. Deze kwetsbaarheden kunnen leiden tot serviceonderbrekingen, netwerkinstabiliteit en ongeautoriseerde acties door gebruikers. De technische details van deze kwetsbaarheden vereisen aandacht van beveiligingsbeheerders om de impact op hun netwerkinfrastructuur te beoordelen.
Oplossingen: Juniper heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: medium
CWE-121: Stack-based Buffer Overflow
CWE-126: Buffer Over-read
CWE-252: Unchecked Return Value
CWE-327: Use of a Broken or Risky Cryptographic Algorithm
CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-401: Missing Release of Memory after Effective Lifetime
CWE-415: Double Free
CWE-416: Use After Free
CWE-476: NULL Pointer Dereference
CWE-665: Improper Initialization
CWE-667: Improper Locking
CWE-682: Incorrect Calculation
CWE-732: Incorrect Permission Assignment for Critical Resource
CWE-754: Improper Check for Unusual or Exceptional Conditions
CWE-755: Improper Handling of Exceptional Conditions
CWE-822: Untrusted Pointer Dereference
CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-908: Use of Uninitialized Resource
CWE-1021: Improper Restriction of Rendered UI Layers or Frames
CWE-1286: Improper Validation of Syntactic Correctness of Input
CWE-1419: Incorrect Initialization of Resource
A clickjacking vulnerability in Juniper Networks Paragon Automation web portal, affecting all versions prior to 24.1.1, allows attackers to manipulate user interactions due to improper HTTP header settings.
6.1 (Medium)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A vulnerability in Juniper Networks Junos Space's TLS/SSL server allows static key ciphers, compromising confidentiality and lacking Perfect Forward Secrecy in all versions prior to 24.1R5.
5.9 (Medium)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A NULL Pointer Dereference vulnerability in Juniper Networks' Junos OS chassis daemon allows low-privileged local attackers to execute a command that causes a Denial-of-Service, resulting in temporary service outages.
5.5 (Medium)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A vulnerability in Juniper Networks Junos OS allows unauthenticated attackers to exploit malformed ICMPv4 packets, resulting in a crash and restart of the FPC, leading to a Denial of Service (DoS).
6.5 (Medium)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A Stack-based Buffer Overflow vulnerability in Juniper Networks' Junos OS enables low-privileged attackers to trigger Denial-of-Service conditions by subscribing to telemetry sensors, affecting specific OS versions.
6.5 (Medium)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A vulnerability in Juniper Networks' Junos OS on SRX Series allows unauthenticated attackers to crash the packet forwarding engine via a specific ICMP packet sent through a GRE tunnel, causing traffic loss.
7.5 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
An Improper Locking vulnerability in the GTP plugin of Juniper Networks Junos OS on SRX Series can be exploited by unauthenticated attackers, leading to Denial-of-Service due to lock management failures.
7.5 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A vulnerability in the Web-Filtering module of Juniper Networks Junos OS on SRX Series allows unauthenticated attackers to cause a Denial-of-Service (DoS) by sending malformed SSL packets, leading to device crashes.
7.5 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
An Unchecked Return Value vulnerability in the DNS module of Juniper Networks Junos OS on SRX Series can allow unauthenticated attackers to cause Denial-of-Service (DoS) through specially crafted DNS requests.
7.5 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A vulnerability in Juniper Networks' Junos OS and Junos OS Evolved allows local, authenticated attackers to execute a command that causes a Denial-of-Service by crashing the routing protocol daemon under specific conditions.
5.5 (Medium)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A vulnerability in Juniper's DHCP service allows clients to exhaust address pools across subnets, leading to a Denial of Service on the DHCP server due to improper Option 82 handling in specific configurations.
7.4 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A vulnerability in the Juniper DHCP daemon allows low-privileged local users to gain administrative control over the DHCP service, impacting multiple versions of Junos OS and Junos OS Evolved.
5.5 (Medium)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A Buffer Over-read vulnerability in Juniper Networks' Junos OS allows unauthenticated attackers to crash the routing protocol daemon (rpd) via specific BGP updates from non-4-byte-AS capable peers, leading to a Denial-of-Service (DoS).
7.5 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A vulnerability in Juniper Networks' Junos OS allows unauthenticated attackers to disrupt BGP sessions, affecting the availability of downstream devices through malformed attributes.
5.8 (Medium)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A Use After Free vulnerability in Juniper Networks' 802.1X authentication daemon could allow an authenticated attacker to crash the process or execute arbitrary code during port authorization changes.
7.1 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A vulnerability in Juniper Networks' Junos OS and Junos OS Evolved allows unauthenticated attackers to exploit a memory leak in the routing protocol daemon, resulting in a Denial of Service condition.
6.5 (Medium)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A Use After Free vulnerability in Juniper Networks' Junos OS allows low-privileged attackers to exploit telemetry sensor subscriptions, resulting in Denial-of-Service by crashing critical processes.
6.5 (Medium)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
Multiple updates across SUSE Linux Enterprise kernels (15 SP2 to SP6) and Linux Kernel versions addressed various security vulnerabilities, including use-after-free issues, memory leaks, and specific bugs in network handling and Bluetooth functionalities.
7.8 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A vulnerability in Juniper Networks Junos OS Evolved's Layer 2 Control Protocol Daemon allows unauthenticated attackers to disrupt MAC learning, resulting in high CPU usage and excessive logging.
6.5 (Medium)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A vulnerability in Juniper Networks Junos OS on EX4000 models allows unauthenticated attackers to cause Denial-of-Service by overwhelming the device with traffic, resulting in service outages.
7.5 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A vulnerability in Juniper Networks Junos OS on EX4k and QFX5k Series platforms allows unauthenticated attackers to cause Denial of Service by flapping an interface, resulting in dropped traffic between specific VXLAN Network Identifiers.
6.5 (Medium)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A TOCTOU race condition vulnerability in Juniper Networks Junos OS allows low-privileged attackers to reset specific line cards, potentially causing further system crashes.
5.5 (Medium)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A vulnerability in Juniper Networks Junos OS allows unauthenticated attackers to crash the flow management process via specific TCP SIP messages, leading to a Denial of Service on affected SRX and MX Series devices.
7.5 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
A Double Free vulnerability in Juniper Networks' Junos OS on SRX and MX Series allows unauthenticated attackers to exploit TCP session establishment, leading to Denial-of-Service across multiple software versions.
7.5 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
Juniper Networks / Junos OS
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos OS Evolved
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Junos Space
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Paragon Automation (Pathfinder, Planner, Insights)
|
vers:unknown/* | ||
|
vers:unknown/*
Juniper Networks / Spac
|
vers:unknown/* |
References
44 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Juniper heeft kwetsbaarheden verholpen in Junos OS (Specifiek voor SRX en MX Series apparaten).",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden in Junos OS omvatten verschillende problemen, waaronder clickjacking, Denial-of-Service (DoS) door malformed packets, en kwetsbaarheden die kunnen worden misbruikt door ongeauthenticeerde aanvallers. Deze kwetsbaarheden kunnen leiden tot serviceonderbrekingen, netwerkinstabiliteit en ongeautoriseerde acties door gebruikers. De technische details van deze kwetsbaarheden vereisen aandacht van beveiligingsbeheerders om de impact op hun netwerkinfrastructuur te beoordelen.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Juniper heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "medium",
"title": "Schade"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Buffer Over-read",
"title": "CWE-126"
},
{
"category": "general",
"text": "Unchecked Return Value",
"title": "CWE-252"
},
{
"category": "general",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "general",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "general",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Improper Initialization",
"title": "CWE-665"
},
{
"category": "general",
"text": "Improper Locking",
"title": "CWE-667"
},
{
"category": "general",
"text": "Incorrect Calculation",
"title": "CWE-682"
},
{
"category": "general",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "general",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Untrusted Pointer Dereference",
"title": "CWE-822"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
},
{
"category": "general",
"text": "Improper Restriction of Rendered UI Layers or Frames",
"title": "CWE-1021"
},
{
"category": "general",
"text": "Improper Validation of Syntactic Correctness of Input",
"title": "CWE-1286"
},
{
"category": "general",
"text": "Incorrect Initialization of Resource",
"title": "CWE-1419"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-A-specifically-crafted-show-chassis-command-causes-chassisd-to-crash-CVE-2025-60007"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-BGP-update-with-a-set-of-specific-attributes-causes-rpd-crash-CVE-2025-60003"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Optional-transitive-BGP-attribute-is-modified-before-propagation-to-peers-causing-sessions-to-flap-CVE-2025-60011"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-specific-IS-IS-update-packet-causes-memory-leak-leading-to-RPD-crash-CVE-2026-21909"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Unix-socket-used-to-control-the-jdhcpd-process-is-world-writable-CVE-2025-59961"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Use-after-free-vulnerability-In-802-1X-authentication-daemon-can-cause-crash-of-the-dot1xd-process-CVE-2026-21908"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-telemetry-collectors-are-frequently-subscribing-and-unsubscribing-to-sensors-chassisd-or-rpd-will-crash-CVE-2026-21921"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-Evolved-A-Linux-kernel-vulnerability-in-the-HID-driver-allows-an-attacker-to-read-information-from-the-HID-Report-buffer-CVE-2024-50302"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-Evolved-Flapping-management-interface-causes-MAC-learning-on-label-switched-interfaces-to-stop-CVE-2026-21911"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-EX4000-A-high-volume-of-traffic-destinated-to-the-device-leads-to-a-crash-and-restart-CVE-2026-21913"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-EX4k-Series-QFX5k-Series-In-an-EVPN-VXLAN-configuration-link-flaps-cause-Inter-VNI-traffic-drop-CVE-2026-21910"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-MX10k-Series-show-system-firmware-CLI-command-may-lead-to-LC480-or-LC2101-line-card-reset-CVE-2026-21912"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-Receipt-of-a-specifically-malformed-ICMP-packet-causes-an-FPC-restart-CVE-2026-0203"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-and-MX-Series-When-TCP-packets-occur-in-a-specific-sequence-flowd-crashes-CVE-2026-21918"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-Series-A-specifically-malformed-GTP-message-will-cause-an-FPC-crash-CVE-2026-21914"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-Series-If-a-specific-request-is-processed-by-the-DNS-subsystem-flowd-will-crash-CVE-2026-21920"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-Series-MX-Series-with-MX-SPC3-or-MS-MPC-Receipt-of-multiple-specific-SIP-messages-results-in-flow-management-process-crash-CVE-2026-21905"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-Series-Specifically-malformed-SSL-packet-causes-FPC-crash-CVE-2026-21917"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-Series-With-GRE-performance-acceleration-enabled-receipt-of-a-specific-ICMP-packet-causes-the-PFE-to-crash-CVE-2026-21906"
},
{
"category": "external",
"summary": "Reference",
"url": "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-Subscribing-to-telemetry-sensors-at-scale-causes-all-FPCs-to-crash-CVE-2026-21903"
}
],
"title": "Kwetsbaarheden verholpen in Juniper Networks JunOS",
"tracking": {
"current_release_date": "2026-01-16T10:07:39.310560Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2026-0017",
"initial_release_date": "2026-01-16T10:07:39.310560Z",
"revision_history": [
{
"date": "2026-01-16T10:07:39.310560Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Junos OS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Junos OS Evolved"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "Junos Space"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "Paragon Automation (Pathfinder, Planner, Insights)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-5"
}
}
],
"category": "product_name",
"name": "Spac"
}
],
"category": "vendor",
"name": "Juniper Networks"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-52987",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Rendered UI Layers or Frames",
"title": "CWE-1021"
},
{
"category": "description",
"text": "A clickjacking vulnerability in Juniper Networks Paragon Automation web portal, affecting all versions prior to 24.1.1, allows attackers to manipulate user interactions due to improper HTTP header settings.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/RE:M",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-52987 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-52987.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2025-52987"
},
{
"cve": "CVE-2026-21907",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"notes": [
{
"category": "other",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "description",
"text": "A vulnerability in Juniper Networks Junos Space\u0027s TLS/SSL server allows static key ciphers, compromising confidentiality and lacking Perfect Forward Secrecy in all versions prior to 24.1R5.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/AU:Y/RE:M/U:Green",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21907 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21907.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-21907"
},
{
"cve": "CVE-2025-60007",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "A NULL Pointer Dereference vulnerability in Juniper Networks\u0027 Junos OS chassis daemon allows low-privileged local attackers to execute a command that causes a Denial-of-Service, resulting in temporary service outages.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-60007 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-60007.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2025-60007"
},
{
"cve": "CVE-2026-0203",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "description",
"text": "A vulnerability in Juniper Networks Junos OS allows unauthenticated attackers to exploit malformed ICMPv4 packets, resulting in a crash and restart of the FPC, leading to a Denial of Service (DoS).",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M/U:Amber",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-0203 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-0203.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-0203"
},
{
"cve": "CVE-2026-21903",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "description",
"text": "A Stack-based Buffer Overflow vulnerability in Juniper Networks\u0027 Junos OS enables low-privileged attackers to trigger Denial-of-Service conditions by subscribing to telemetry sensors, affecting specific OS versions.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21903 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21903.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-21903"
},
{
"cve": "CVE-2026-21906",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "description",
"text": "A vulnerability in Juniper Networks\u0027 Junos OS on SRX Series allows unauthenticated attackers to crash the packet forwarding engine via a specific ICMP packet sent through a GRE tunnel, causing traffic loss.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/V:C/RE:M/U:Red",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21906 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21906.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-21906"
},
{
"cve": "CVE-2026-21914",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "other",
"text": "Improper Locking",
"title": "CWE-667"
},
{
"category": "description",
"text": "An Improper Locking vulnerability in the GTP plugin of Juniper Networks Junos OS on SRX Series can be exploited by unauthenticated attackers, leading to Denial-of-Service due to lock management failures.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21914 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21914.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-21914"
},
{
"cve": "CVE-2026-21917",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Syntactic Correctness of Input",
"title": "CWE-1286"
},
{
"category": "description",
"text": "A vulnerability in the Web-Filtering module of Juniper Networks Junos OS on SRX Series allows unauthenticated attackers to cause a Denial-of-Service (DoS) by sending malformed SSL packets, leading to device crashes.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21917 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21917.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-21917"
},
{
"cve": "CVE-2026-21920",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"notes": [
{
"category": "other",
"text": "Unchecked Return Value",
"title": "CWE-252"
},
{
"category": "description",
"text": "An Unchecked Return Value vulnerability in the DNS module of Juniper Networks Junos OS on SRX Series can allow unauthenticated attackers to cause Denial-of-Service (DoS) through specially crafted DNS requests.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21920 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21920.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-21920"
},
{
"cve": "CVE-2025-59959",
"cwe": {
"id": "CWE-822",
"name": "Untrusted Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "Untrusted Pointer Dereference",
"title": "CWE-822"
},
{
"category": "description",
"text": "A vulnerability in Juniper Networks\u0027 Junos OS and Junos OS Evolved allows local, authenticated attackers to execute a command that causes a Denial-of-Service by crashing the routing protocol daemon under specific conditions.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59959 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59959.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2025-59959"
},
{
"cve": "CVE-2025-59960",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "description",
"text": "A vulnerability in Juniper\u0027s DHCP service allows clients to exhaust address pools across subnets, leading to a Denial of Service on the DHCP server due to improper Option 82 handling in specific configurations.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:H/AU:Y/R:U/V:C/RE:M/U:Amber",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59960 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59960.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2025-59960"
},
{
"cve": "CVE-2025-59961",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "other",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "description",
"text": "A vulnerability in the Juniper DHCP daemon allows low-privileged local users to gain administrative control over the DHCP service, impacting multiple versions of Junos OS and Junos OS Evolved.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:L/AU:Y/R:A/V:C/RE:M/U:Green",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59961 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59961.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2025-59961"
},
{
"cve": "CVE-2025-60003",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "other",
"text": "Buffer Over-read",
"title": "CWE-126"
},
{
"category": "description",
"text": "A Buffer Over-read vulnerability in Juniper Networks\u0027 Junos OS allows unauthenticated attackers to crash the routing protocol daemon (rpd) via specific BGP updates from non-4-byte-AS capable peers, leading to a Denial-of-Service (DoS).",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-60003 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-60003.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2025-60003"
},
{
"cve": "CVE-2025-60011",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "description",
"text": "A vulnerability in Juniper Networks\u0027 Junos OS allows unauthenticated attackers to disrupt BGP sessions, affecting the availability of downstream devices through malformed attributes.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:L/AU:Y/R:U/RE:M",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-60011 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-60011.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2025-60011"
},
{
"cve": "CVE-2026-21908",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A Use After Free vulnerability in Juniper Networks\u0027 802.1X authentication daemon could allow an authenticated attacker to crash the process or execute arbitrary code during port authorization changes.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/RE:M/U:Green",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21908 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21908.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-21908"
},
{
"cve": "CVE-2026-21909",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "description",
"text": "A vulnerability in Juniper Networks\u0027 Junos OS and Junos OS Evolved allows unauthenticated attackers to exploit a memory leak in the routing protocol daemon, resulting in a Denial of Service condition.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/V:C/RE:M/U:Green",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21909 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21909.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-21909"
},
{
"cve": "CVE-2026-21921",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "A Use After Free vulnerability in Juniper Networks\u0027 Junos OS allows low-privileged attackers to exploit telemetry sensor subscriptions, resulting in Denial-of-Service by crashing critical processes.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21921 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21921.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-21921"
},
{
"cve": "CVE-2024-50302",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"notes": [
{
"category": "other",
"text": "Improper Initialization",
"title": "CWE-665"
},
{
"category": "other",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
},
{
"category": "description",
"text": "Multiple updates across SUSE Linux Enterprise kernels (15 SP2 to SP6) and Linux Kernel versions addressed various security vulnerabilities, including use-after-free issues, memory leaks, and specific bugs in network handling and Bluetooth functionalities.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-50302 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-50302.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2024-50302"
},
{
"cve": "CVE-2026-21911",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"notes": [
{
"category": "other",
"text": "Incorrect Calculation",
"title": "CWE-682"
},
{
"category": "description",
"text": "A vulnerability in Juniper Networks Junos OS Evolved\u0027s Layer 2 Control Protocol Daemon allows unauthenticated attackers to disrupt MAC learning, resulting in high CPU usage and excessive logging.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/V:C/RE:M/U:Amber",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21911 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21911.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-21911"
},
{
"cve": "CVE-2026-21913",
"cwe": {
"id": "CWE-1419",
"name": "Incorrect Initialization of Resource"
},
"notes": [
{
"category": "other",
"text": "Incorrect Initialization of Resource",
"title": "CWE-1419"
},
{
"category": "description",
"text": "A vulnerability in Juniper Networks Junos OS on EX4000 models allows unauthenticated attackers to cause Denial-of-Service by overwhelming the device with traffic, resulting in service outages.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21913 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21913.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-21913"
},
{
"cve": "CVE-2026-21910",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Check for Unusual or Exceptional Conditions",
"title": "CWE-754"
},
{
"category": "description",
"text": "A vulnerability in Juniper Networks Junos OS on EX4k and QFX5k Series platforms allows unauthenticated attackers to cause Denial of Service by flapping an interface, resulting in dropped traffic between specific VXLAN Network Identifiers.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:U/RE:M/U:Green",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21910 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21910.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-21910"
},
{
"cve": "CVE-2026-21912",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "description",
"text": "A TOCTOU race condition vulnerability in Juniper Networks Junos OS allows low-privileged attackers to reset specific line cards, potentially causing further system crashes.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M/U:Amber",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21912 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21912.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-21912"
},
{
"cve": "CVE-2026-21905",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "description",
"text": "A vulnerability in Juniper Networks Junos OS allows unauthenticated attackers to crash the flow management process via specific TCP SIP messages, leading to a Denial of Service on affected SRX and MX Series devices.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/V:C/RE:M/U:Amber",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21905 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21905.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-21905"
},
{
"cve": "CVE-2026-21918",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "description",
"text": "A Double Free vulnerability in Juniper Networks\u0027 Junos OS on SRX and MX Series allows unauthenticated attackers to exploit TCP session establishment, leading to Denial-of-Service across multiple software versions.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21918 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21918.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5"
]
}
],
"title": "CVE-2026-21918"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…