CVE-2026-21908 (GCVE-0-2026-21908)

Vulnerability from cvelistv5 – Published: 2026-01-15 20:21 – Updated: 2026-02-26 15:04
VLAI
Title
Junos OS and Junos OS Evolved: Use after free vulnerability In 802.1X authentication daemon can cause crash of the dot1xd process
Summary
A Use After Free vulnerability was identified in the 802.1X authentication daemon (dot1xd) of Juniper Networks Junos OS and Junos OS Evolved that could allow an authenticated, network-adjacent attacker flapping a port to crash the dot1xd process, leading to a Denial of Service (DoS), or potentially execute arbitrary code within the context of the process running as root. The issue is specific to the processing of a change in authorization (CoA) when a port bounce occurs. A pointer is freed but was then referenced later in the same code path. Successful exploitation is outside the attacker's direct control due to the specific timing of the two events required to execute the vulnerable code path. This issue affects systems with 802.1X authentication port-based network access control (PNAC) enabled. This issue affects: Junos OS:  * from 23.2R2-S1 before 23.2R2-S5,  * from 23.4R2 before 23.4R2-S6,  * from 24.2 before 24.2R2-S3,  * from 24.4 before 24.4R2-S1,  * from 25.2 before 25.2R1-S2, 25.2R2;  Junos OS Evolved:  * from 23.2R2-S1 before 23.2R2-S5-EVO,  * from 23.4R2 before 23.4R2-S6-EVO,  * from 24.2 before 24.2R2-S3-EVO,  * from 24.4 before 24.4R2-S1-EVO,  * from 25.2 before 25.2R1-S2-EVO, 25.2R2-EVO.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Juniper Networks Junos OS Affected: 23.2R2-S1 , < 23.2R2-S5 (semver)
Affected: 23.4R2 , < 23.4R2-S6 (semver)
Affected: 24.2 , < 24.2R2-S3 (semver)
Affected: 24.4 , < 24.4R2-S1 (semver)
Affected: 25.2 , < 25.2R1-S2, 25.2R2 (semver)
Create a notification for this product.
Juniper Networks Junos OS Evolved Affected: 23.2R2-S1 , < 23.2R2-S5-EVO (semver)
Affected: 23.4R2 , < 23.4R2-S6-EVO (semver)
Affected: 24.2 , < 24.2R2-S3-EVO (semver)
Affected: 24.4 , < 24.4R2-S1-EVO (semver)
Affected: 25.2 , < 25.2R1-S2-EVO, 25.2R2-EVO (semver)
Create a notification for this product.
Date Public
2026-01-14 17:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21908",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-16T04:55:55.863089Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T15:04:06.477Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "23.2R2-S5",
              "status": "affected",
              "version": "23.2R2-S1",
              "versionType": "semver"
            },
            {
              "lessThan": "23.4R2-S6",
              "status": "affected",
              "version": "23.4R2",
              "versionType": "semver"
            },
            {
              "lessThan": "24.2R2-S3",
              "status": "affected",
              "version": "24.2",
              "versionType": "semver"
            },
            {
              "lessThan": "24.4R2-S1",
              "status": "affected",
              "version": "24.4",
              "versionType": "semver"
            },
            {
              "lessThan": "25.2R1-S2, 25.2R2",
              "status": "affected",
              "version": "25.2",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Junos OS Evolved",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "23.2R2-S5-EVO",
              "status": "affected",
              "version": "23.2R2-S1",
              "versionType": "semver"
            },
            {
              "lessThan": "23.4R2-S6-EVO",
              "status": "affected",
              "version": "23.4R2",
              "versionType": "semver"
            },
            {
              "lessThan": "24.2R2-S3-EVO",
              "status": "affected",
              "version": "24.2",
              "versionType": "semver"
            },
            {
              "lessThan": "24.4R2-S1-EVO",
              "status": "affected",
              "version": "24.4",
              "versionType": "semver"
            },
            {
              "lessThan": "25.2R1-S2-EVO, 25.2R2-EVO",
              "status": "affected",
              "version": "25.2",
              "versionType": "semver"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue requires support for 802.1X be enabled. For example:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003e[protocols dot1x authenticator ...]\u003c/tt\u003e"
            }
          ],
          "value": "This issue requires support for 802.1X be enabled. For example:\n\n[protocols dot1x authenticator ...]"
        }
      ],
      "datePublic": "2026-01-14T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A Use After Free vulnerability was identified in the 802.1X authentication daemon (dot1xd) of\u0026nbsp;Juniper Networks Junos OS and Junos OS Evolved that could allow an authenticated, network-adjacent attacker flapping a port to crash the dot1xd process, leading to a Denial of Service (DoS), or potentially execute arbitrary code within the context of the process running as root.\u003cbr\u003e\u003cbr\u003eThe issue is specific to the processing of a change in authorization (CoA) when a port bounce occurs. A pointer is freed but was then referenced later in the same code path. Successful exploitation is outside the attacker\u0027s direct control due to the specific timing of the two events required to execute the vulnerable code path.\u003cbr\u003e\u003cbr\u003eThis issue affects systems with 802.1X authentication port-based network access control (PNAC) enabled.\u003cbr\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cp\u003eJunos OS:\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003efrom 23.2R2-S1 before 23.2R2-S5,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 23.4R2 before 23.4R2-S6,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 24.2 before 24.2R2-S3,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 24.4 before 24.4R2-S1,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 25.2 before 25.2R1-S2, 25.2R2;\u0026nbsp;\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eJunos OS Evolved:\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003efrom 23.2R2-S1 before 23.2R2-S5-EVO,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 23.4R2 before 23.4R2-S6-EVO,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 24.2 before 24.2R2-S3-EVO,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 24.4 before 24.4R2-S1-EVO,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 25.2 before 25.2R1-S2-EVO, 25.2R2-EVO.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "A Use After Free vulnerability was identified in the 802.1X authentication daemon (dot1xd) of\u00a0Juniper Networks Junos OS and Junos OS Evolved that could allow an authenticated, network-adjacent attacker flapping a port to crash the dot1xd process, leading to a Denial of Service (DoS), or potentially execute arbitrary code within the context of the process running as root.\n\nThe issue is specific to the processing of a change in authorization (CoA) when a port bounce occurs. A pointer is freed but was then referenced later in the same code path. Successful exploitation is outside the attacker\u0027s direct control due to the specific timing of the two events required to execute the vulnerable code path.\n\nThis issue affects systems with 802.1X authentication port-based network access control (PNAC) enabled.\nThis issue affects:\n\nJunos OS:\u00a0\n\n\n\n  *  from 23.2R2-S1 before 23.2R2-S5,\u00a0\n  *  from 23.4R2 before 23.4R2-S6,\u00a0\n  *  from 24.2 before 24.2R2-S3,\u00a0\n  *  from 24.4 before 24.4R2-S1,\u00a0\n  *  from 25.2 before 25.2R1-S2, 25.2R2;\u00a0\n\n\n\n\nJunos OS Evolved:\u00a0\n\n\n\n  *  from 23.2R2-S1 before 23.2R2-S5-EVO,\u00a0\n  *  from 23.4R2 before 23.4R2-S6-EVO,\u00a0\n  *  from 24.2 before 24.2R2-S3-EVO,\u00a0\n  *  from 24.4 before 24.4R2-S1-EVO,\u00a0\n  *  from 25.2 before 25.2R1-S2-EVO, 25.2R2-EVO."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "providerUrgency": "GREEN",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/RE:M/U:Green",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416 Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-15T20:21:41.576Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportportal.juniper.net/JSA106007"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://kb.juniper.net/JSA106007"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The following software releases have been updated to resolve this specific issue:\u003cbr\u003eJunos OS 23.2R2-S5, 23.4R2-S6, 24.2R2-S3, 24.4R2-S1, 25.2R1-S2, 25.2R2, 25.4R1, and all subsequent releases.\u003cbr\u003eJunos OS Evolved:\u0026nbsp;23.2R2-S5-EVO, 23.4R2-S6-EVO, 24.2R2-S3-EVO, 24.4R2-S1-EVO, 25.2R1-S2-EVO, 25.2R2-EVO, 25.4R1-EVO,"
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue:\nJunos OS 23.2R2-S5, 23.4R2-S6, 24.2R2-S3, 24.4R2-S1, 25.2R1-S2, 25.2R2, 25.4R1, and all subsequent releases.\nJunos OS Evolved:\u00a023.2R2-S5-EVO, 23.4R2-S6-EVO, 24.2R2-S3-EVO, 24.4R2-S1-EVO, 25.2R1-S2-EVO, 25.2R2-EVO, 25.4R1-EVO,"
        }
      ],
      "source": {
        "advisory": "JSA106007",
        "defect": [
          "1896371"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Junos OS and Junos OS Evolved: Use after free vulnerability In 802.1X authentication daemon can cause crash of the dot1xd process",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "There are no known workarounds for this issue."
            }
          ],
          "value": "There are no known workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2026-21908",
    "datePublished": "2026-01-15T20:21:41.576Z",
    "dateReserved": "2026-01-05T17:32:48.710Z",
    "dateUpdated": "2026-02-26T15:04:06.477Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-21908",
      "date": "2026-07-03",
      "epss": "0.00293",
      "percentile": "0.21058"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-21908\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2026-01-15T21:16:06.537\",\"lastModified\":\"2026-06-17T10:19:08.070\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Use After Free vulnerability was identified in the 802.1X authentication daemon (dot1xd) of\u00a0Juniper Networks Junos OS and Junos OS Evolved that could allow an authenticated, network-adjacent attacker flapping a port to crash the dot1xd process, leading to a Denial of Service (DoS), or potentially execute arbitrary code within the context of the process running as root.\\n\\nThe issue is specific to the processing of a change in authorization (CoA) when a port bounce occurs. A pointer is freed but was then referenced later in the same code path. Successful exploitation is outside the attacker\u0027s direct control due to the specific timing of the two events required to execute the vulnerable code path.\\n\\nThis issue affects systems with 802.1X authentication port-based network access control (PNAC) enabled.\\nThis issue affects:\\n\\nJunos OS:\u00a0\\n\\n\\n\\n  *  from 23.2R2-S1 before 23.2R2-S5,\u00a0\\n  *  from 23.4R2 before 23.4R2-S6,\u00a0\\n  *  from 24.2 before 24.2R2-S3,\u00a0\\n  *  from 24.4 before 24.4R2-S1,\u00a0\\n  *  from 25.2 before 25.2R1-S2, 25.2R2;\u00a0\\n\\n\\n\\n\\nJunos OS Evolved:\u00a0\\n\\n\\n\\n  *  from 23.2R2-S1 before 23.2R2-S5-EVO,\u00a0\\n  *  from 23.4R2 before 23.4R2-S6-EVO,\u00a0\\n  *  from 24.2 before 24.2R2-S3-EVO,\u00a0\\n  *  from 24.4 before 24.4R2-S1-EVO,\u00a0\\n  *  from 25.2 before 25.2R1-S2-EVO, 25.2R2-EVO.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de Use After Free fue identificada en el demonio de autenticaci\u00f3n 802.1X (dot1xd) de Juniper Networks Junos OS y Junos OS Evolved que podr\u00eda permitir a un atacante autenticado y adyacente a la red, alternando un puerto, bloquear el proceso dot1xd, lo que lleva a una denegaci\u00f3n de servicio (DoS), o potencialmente ejecutar c\u00f3digo arbitrario dentro del contexto del proceso que se ejecuta como root.\\n\\nEl problema es espec\u00edfico del procesamiento de un cambio en la autorizaci\u00f3n (CoA) cuando ocurre un rebote de puerto. Un puntero es liberado pero luego fue referenciado m\u00e1s tarde en la misma ruta de c\u00f3digo. La explotaci\u00f3n exitosa est\u00e1 fuera del control directo del atacante debido a la sincronizaci\u00f3n espec\u00edfica de los dos eventos requeridos para ejecutar la ruta de c\u00f3digo vulnerable.\\n\\nEste problema afecta a sistemas con autenticaci\u00f3n 802.1X con control de acceso a la red basado en puerto (PNAC) habilitado.\\nEste problema afecta a:\\n\\nJunos OS:\\n\\n  *  desde 23.2R2-S1 antes de 23.2R2-S5,\\n  *  desde 23.4R2 antes de 23.4R2-S6,\\n  *  desde 24.2 antes de 24.2R2-S3,\\n  *  desde 24.4 antes de 24.4R2-S1,\\n  *  desde 25.2 antes de 25.2R1-S2, 25.2R2;\\n\\nJunos OS Evolved:\\n\\n  *  desde 23.2R2-S1 antes de 23.2R2-S5-EVO,\\n  *  desde 23.4R2 antes de 23.4R2-S6-EVO,\\n  *  desde 24.2 antes de 24.2R2-S3-EVO,\\n  *  desde 24.4 antes de 24.4R2-S1-EVO,\\n  *  desde 25.2 antes de 25.2R1-S2-EVO, 25.2R2-EVO.\"}],\"affected\":[{\"source\":\"sirt@juniper.net\",\"affectedData\":[{\"vendor\":\"Juniper Networks\",\"product\":\"Junos OS\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"23.2R2-S1\",\"lessThan\":\"23.2R2-S5\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"23.4R2\",\"lessThan\":\"23.4R2-S6\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"24.2\",\"lessThan\":\"24.2R2-S3\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"24.4\",\"lessThan\":\"24.4R2-S1\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"25.2\",\"lessThan\":\"25.2R1-S2, 25.2R2\",\"versionType\":\"semver\",\"status\":\"affected\"}]},{\"vendor\":\"Juniper Networks\",\"product\":\"Junos OS Evolved\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"23.2R2-S1\",\"lessThan\":\"23.2R2-S5-EVO\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"23.4R2\",\"lessThan\":\"23.4R2-S6-EVO\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"24.2\",\"lessThan\":\"24.2R2-S3-EVO\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"24.4\",\"lessThan\":\"24.4R2-S1-EVO\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"25.2\",\"lessThan\":\"25.2R1-S2-EVO, 25.2R2-EVO\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:M/U:Green\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"LOW\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"GREEN\"}}],\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-01-16T04:55:55.863089Z\",\"id\":\"CVE-2026-21908\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6FB32DF-D062-4FB9-8777-452978BEC7B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3B6C811-5C10-4486-849D-5559B592350A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"078D61B9-A228-453C-9D20-6F9C6B20637F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1F136A0-021D-43FE-BDD3-AD7201F7FC03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"175CCB13-76C0-44A4-A71D-41E22B92EB23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"166BFDB3-1945-4949-BC2B-E18442FF2E4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5923610F-878C-48CA-8B5D-9C609E4DD4DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7C207E3-0252-4192-8E8C-E2ED2831B4F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6974492-FE69-4340-8881-61C3329C1545\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r2-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"279E59FE-96DF-4E1D-A3A2-61D180F04533\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"89524D6D-0B22-4952-AD8E-8072C5A05D5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD69A194-1B03-44EA-8092-79BD10C6F729\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8463ADB4-B8A7-4D63-97A9-232ED713A21C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE68337F-106E-4317-A5B6-292B0159F577\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"266B520A-482A-43F7-90F8-B9D64D30034F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC78BC9E-5DA7-4E42-9923-B49A0B7F3564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD99F1B0-82B0-4CD3-8C8F-C0FFF44A8B90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C452BDCB-34E3-42D3-8909-2312356EB70A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B8158F2-2028-40E9-955F-CFD581A32F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A7233A1-EC7A-4458-9AE1-835480A03A21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.4:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"D74087E2-5CAA-4085-8408-EB70EC1D5D91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EEF1798-F3C2-4645-96E7-1E82368B184D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:25.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B7572BB-9C77-4214-9C5F-CC83C7B93E37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:25.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAADBF98-38BE-40E2-AF1B-9077DCED0809\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:25.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"558F0A4C-0C72-4BF1-B2DE-C0D3BFD54BCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:25.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C7B9DEB-7472-4010-8717-8050555C2FAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D657944B-2066-4F2C-BC92-EDF4DE1C165C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"75A58924-6348-44CF-AB39-1FCE17FE81AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A903B31-D9E5-43FA-B09F-7E7769803720\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E23BEA27-77F8-4CDF-A49A-FEF9C33DA513\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB82B22F-9005-4EF0-A1E3-4261757783D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0224D3F1-8B86-432C-8F5B-B4B7B69ADF31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB2FE5FE-0ADE-406E-A23D-FDCC104B2496\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E58987A-D7B7-4FFF-9969-E8FD76AE2BE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E779C0D4-A8F7-4976-B3C8-B9802B96E715\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7457415-D893-474B-ABA6-9841BB5CC6DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DD89AAD-C615-42AF-B8AF-E6067862F0F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"28AFF11D-E418-4A76-B557-F60622602537\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A86A69D-2B90-4B3B-A6EC-88358284787D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"080BEA58-9667-4C2C-810D-DC1187DB67DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"34072A94-CFEB-4FAA-8E68-E98D4F7602E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C79FF7EC-AD91-4F9F-B8AC-B1A9C9271816\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B32ADA05-5F5D-45B6-BB7B-3FA6A6F229F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6526E82-A6A6-4A65-9B01-B3FCB947F44E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF3B74FA-DF84-4E3E-BCF9-44EEF9E45910\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.4:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC024CDE-DA63-4E87-BA97-5E8C06B0D8B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"25DA0DD2-E974-448C-BD05-ED6FCA4725FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:25.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAF96553-DB70-4DFA-8658-306A7477DD06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:25.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"83C415EF-E87B-4259-A836-59B3A9C3914B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:25.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFD32E67-9D8D-437D-96BC-CA97A1F686BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:25.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB843A79-1B1C-4638-96B9-F1F191F1F75F\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA106007\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://supportportal.juniper.net/JSA106007\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"defaultStatus\": \"unaffected\", \"product\": \"Junos OS\", \"vendor\": \"Juniper Networks\", \"versions\": [{\"lessThan\": \"23.2R2-S5\", \"status\": \"affected\", \"version\": \"23.2R2-S1\", \"versionType\": \"semver\"}, {\"lessThan\": \"23.4R2-S6\", \"status\": \"affected\", \"version\": \"23.4R2\", \"versionType\": \"semver\"}, {\"lessThan\": \"24.2R2-S3\", \"status\": \"affected\", \"version\": \"24.2\", \"versionType\": \"semver\"}, {\"lessThan\": \"24.4R2-S1\", \"status\": \"affected\", \"version\": \"24.4\", \"versionType\": \"semver\"}, {\"lessThan\": \"25.2R1-S2, 25.2R2\", \"status\": \"affected\", \"version\": \"25.2\", \"versionType\": \"semver\"}]}, {\"defaultStatus\": \"unaffected\", \"product\": \"Junos OS Evolved\", \"vendor\": \"Juniper Networks\", \"versions\": [{\"lessThan\": \"23.2R2-S5-EVO\", \"status\": \"affected\", \"version\": \"23.2R2-S1\", \"versionType\": \"semver\"}, {\"lessThan\": \"23.4R2-S6-EVO\", \"status\": \"affected\", \"version\": \"23.4R2\", \"versionType\": \"semver\"}, {\"lessThan\": \"24.2R2-S3-EVO\", \"status\": \"affected\", \"version\": \"24.2\", \"versionType\": \"semver\"}, {\"lessThan\": \"24.4R2-S1-EVO\", \"status\": \"affected\", \"version\": \"24.4\", \"versionType\": \"semver\"}, {\"lessThan\": \"25.2R1-S2-EVO, 25.2R2-EVO\", \"status\": \"affected\", \"version\": \"25.2\", \"versionType\": \"semver\"}]}], \"configurations\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"This issue requires support for 802.1X be enabled. For example:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003e[protocols dot1x authenticator ...]\u003c/tt\u003e\"}], \"value\": \"This issue requires support for 802.1X be enabled. For example:\\n\\n[protocols dot1x authenticator ...]\"}], \"datePublic\": \"2026-01-14T17:00:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"A Use After Free vulnerability was identified in the 802.1X authentication daemon (dot1xd) of\u0026nbsp;Juniper Networks Junos OS and Junos OS Evolved that could allow an authenticated, network-adjacent attacker flapping a port to crash the dot1xd process, leading to a Denial of Service (DoS), or potentially execute arbitrary code within the context of the process running as root.\u003cbr\u003e\u003cbr\u003eThe issue is specific to the processing of a change in authorization (CoA) when a port bounce occurs. A pointer is freed but was then referenced later in the same code path. Successful exploitation is outside the attacker\u0027s direct control due to the specific timing of the two events required to execute the vulnerable code path.\u003cbr\u003e\u003cbr\u003eThis issue affects systems with 802.1X authentication port-based network access control (PNAC) enabled.\u003cbr\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cp\u003eJunos OS:\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003efrom 23.2R2-S1 before 23.2R2-S5,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 23.4R2 before 23.4R2-S6,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 24.2 before 24.2R2-S3,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 24.4 before 24.4R2-S1,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 25.2 before 25.2R1-S2, 25.2R2;\u0026nbsp;\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eJunos OS Evolved:\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003efrom 23.2R2-S1 before 23.2R2-S5-EVO,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 23.4R2 before 23.4R2-S6-EVO,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 24.2 before 24.2R2-S3-EVO,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 24.4 before 24.4R2-S1-EVO,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 25.2 before 25.2R1-S2-EVO, 25.2R2-EVO.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\"}], \"value\": \"A Use After Free vulnerability was identified in the 802.1X authentication daemon (dot1xd) of\\u00a0Juniper Networks Junos OS and Junos OS Evolved that could allow an authenticated, network-adjacent attacker flapping a port to crash the dot1xd process, leading to a Denial of Service (DoS), or potentially execute arbitrary code within the context of the process running as root.\\n\\nThe issue is specific to the processing of a change in authorization (CoA) when a port bounce occurs. A pointer is freed but was then referenced later in the same code path. Successful exploitation is outside the attacker\u0027s direct control due to the specific timing of the two events required to execute the vulnerable code path.\\n\\nThis issue affects systems with 802.1X authentication port-based network access control (PNAC) enabled.\\nThis issue affects:\\n\\nJunos OS:\\u00a0\\n\\n\\n\\n  *  from 23.2R2-S1 before 23.2R2-S5,\\u00a0\\n  *  from 23.4R2 before 23.4R2-S6,\\u00a0\\n  *  from 24.2 before 24.2R2-S3,\\u00a0\\n  *  from 24.4 before 24.4R2-S1,\\u00a0\\n  *  from 25.2 before 25.2R1-S2, 25.2R2;\\u00a0\\n\\n\\n\\n\\nJunos OS Evolved:\\u00a0\\n\\n\\n\\n  *  from 23.2R2-S1 before 23.2R2-S5-EVO,\\u00a0\\n  *  from 23.4R2 before 23.4R2-S6-EVO,\\u00a0\\n  *  from 24.2 before 24.2R2-S3-EVO,\\u00a0\\n  *  from 24.4 before 24.4R2-S1-EVO,\\u00a0\\n  *  from 25.2 before 25.2R1-S2-EVO, 25.2R2-EVO.\"}], \"exploits\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\"}], \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\"}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"HIGH\", \"attackVector\": \"ADJACENT_NETWORK\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 7.1, \"baseSeverity\": \"HIGH\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"version\": \"3.1\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"cvssV4_0\": {\"Automatable\": \"NOT_DEFINED\", \"Recovery\": \"NOT_DEFINED\", \"Safety\": \"NOT_DEFINED\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"attackVector\": \"ADJACENT\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"providerUrgency\": \"GREEN\", \"subAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/RE:M/U:Green\", \"version\": \"4.0\", \"vulnAvailabilityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"shortName\": \"juniper\", \"dateUpdated\": \"2026-01-15T20:21:41.576Z\"}, \"references\": [{\"tags\": [\"vendor-advisory\"], \"url\": \"https://supportportal.juniper.net/JSA106007\"}, {\"tags\": [\"vendor-advisory\"], \"url\": \"https://kb.juniper.net/JSA106007\"}], \"solutions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"The following software releases have been updated to resolve this specific issue:\u003cbr\u003eJunos OS 23.2R2-S5, 23.4R2-S6, 24.2R2-S3, 24.4R2-S1, 25.2R1-S2, 25.2R2, 25.4R1, and all subsequent releases.\u003cbr\u003eJunos OS Evolved:\u0026nbsp;23.2R2-S5-EVO, 23.4R2-S6-EVO, 24.2R2-S3-EVO, 24.4R2-S1-EVO, 25.2R1-S2-EVO, 25.2R2-EVO, 25.4R1-EVO,\"}], \"value\": \"The following software releases have been updated to resolve this specific issue:\\nJunos OS 23.2R2-S5, 23.4R2-S6, 24.2R2-S3, 24.4R2-S1, 25.2R1-S2, 25.2R2, 25.4R1, and all subsequent releases.\\nJunos OS Evolved:\\u00a023.2R2-S5-EVO, 23.4R2-S6-EVO, 24.2R2-S3-EVO, 24.4R2-S1-EVO, 25.2R1-S2-EVO, 25.2R2-EVO, 25.4R1-EVO,\"}], \"source\": {\"advisory\": \"JSA106007\", \"defect\": [\"1896371\"], \"discovery\": \"INTERNAL\"}, \"title\": \"Junos OS and Junos OS Evolved: Use after free vulnerability In 802.1X authentication daemon can cause crash of the dot1xd process\", \"workarounds\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"There are no known workarounds for this issue.\"}], \"value\": \"There are no known workarounds for this issue.\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}}, \"adp\": [{\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-21908\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-16T04:55:55.863089Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-15T20:45:01.036Z\"}, \"title\": \"CISA ADP Vulnrichment\"}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-21908\", \"assignerOrgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"juniper\", \"dateReserved\": \"2026-01-05T17:32:48.710Z\", \"datePublished\": \"2026-01-15T20:21:41.576Z\", \"dateUpdated\": \"2026-01-16T04:55:55.090Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…