Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-33780 (GCVE-0-2026-33780)
Vulnerability from cvelistv5 – Published: 2026-04-09 21:29 – Updated: 2026-04-13 18:06
VLAI?
EPSS
Title
Junos OS and Junos OS Evolved: In an EVPN-MPLS scenario churn of ESI routes causes a memory leak in l2ald
Summary
A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).
In an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.
Use the following command to monitor the memory consumption by l2ald:
user@device> show system process extensive | match "PID|l2ald"
This issue affects:
Junos OS:
* all versions before 22.4R3-S5,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2-S4,
* 24.2 versions before 24.2R2;
Junos OS Evolved:
* all versions before 22.4R3-S5-EVO,
* 23.2 versions before 23.2R2-S3-EVO,
* 23.4 versions before 23.4R2-S4-EVO,
* 24.2 versions before 24.2R2-EVO.
Severity ?
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://kb.juniper.net/JSA107819 | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
0 , < 22.4R3-S5
(semver)
Affected: 23.2 , < 23.2R2-S3 (semver) Affected: 23.4 , < 23.4R2-S4 (semver) Affected: 24.2 , < 24.2R2 (semver) |
|
| Juniper Networks | Junos OS Evolved |
Affected:
all version prior to , < 22.4R3-S5-EVO
(semver)
Affected: 23.2 , < 23.2R2-S3-EVO (semver) Affected: 23.4 , < 23.4R2-S4-EVO (semver) Affected: 24.2 , < 24.2R2-EVO (semver) |
Date Public ?
2026-04-08 16:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-33780",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-13T17:39:43.706961Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-13T18:06:19.950Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "22.4R3-S5",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S3",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R2-S4",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "24.2R2",
"status": "affected",
"version": "24.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "22.4R3-S5-EVO",
"status": "affected",
"version": "all version prior to",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S3-EVO",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R2-S4-EVO",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "24.2R2-EVO",
"status": "affected",
"version": "24.2",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(251, 251, 251);\"\u003eTo be exposed to this issue the device must be configured for EVPN-MPLS. Refer to product documentation for how to configure EVPN-MPLS as there are different configuration options.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "To be exposed to this issue the device must be configured for EVPN-MPLS. Refer to product documentation for how to configure EVPN-MPLS as there are different configuration options."
}
],
"datePublic": "2026-04-08T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the\u0026nbsp;Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).\u003cbr\u003e\u003cbr\u003e\n\nIn an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.\u003cbr\u003e\u003cbr\u003eUse the following command to monitor the memory consumption by l2ald:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003euser@device\u0026gt; show system process extensive | match \"PID|l2ald\"\u003c/tt\u003e \n\n\u003cbr\u003e\u003cbr\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cp\u003eJunos OS:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eall versions before 22.4R3-S5,\u003c/li\u003e\u003cli\u003e23.2 versions before 23.2R2-S3,\u003c/li\u003e\u003cli\u003e23.4 versions before 23.4R2-S4,\u003c/li\u003e\u003cli\u003e24.2 versions before 24.2R2;\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eJunos OS Evolved:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eall versions before 22.4R3-S5-EVO,\u003c/li\u003e\u003cli\u003e23.2 versions before 23.2R2-S3-EVO,\u003c/li\u003e\u003cli\u003e23.4 versions before 23.4R2-S4-EVO,\u003c/li\u003e\u003cli\u003e24.2 versions before 24.2R2-EVO.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the\u00a0Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).\n\n\n\nIn an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.\n\nUse the following command to monitor the memory consumption by l2ald:\n\nuser@device\u003e show system process extensive | match \"PID|l2ald\" \n\n\n\nThis issue affects:\n\nJunos OS:\n\n\n\n * all versions before 22.4R3-S5,\n * 23.2 versions before 23.2R2-S3,\n * 23.4 versions before 23.4R2-S4,\n * 24.2 versions before 24.2R2;\n\n\n\n\nJunos OS Evolved:\n\n\n\n * all versions before 22.4R3-S5-EVO,\n * 23.2 versions before 23.2R2-S3-EVO,\n * 23.4 versions before 23.4R2-S4-EVO,\n * 24.2 versions before 24.2R2-EVO."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401 Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-09T21:29:20.534Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://kb.juniper.net/JSA107819"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue: \u003cbr\u003eJunos OS Evolved: 22.4R3-S5-EVO, 23.2R2-S3-EVO, 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO,\u0026nbsp;and all subsequent releases;\u003cbr\u003eJunos OS: 22.4R3-S5, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases."
}
],
"value": "The following software releases have been updated to resolve this specific issue: \nJunos OS Evolved: 22.4R3-S5-EVO, 23.2R2-S3-EVO, 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO,\u00a0and all subsequent releases;\nJunos OS: 22.4R3-S5, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA107819",
"defect": [
"1824956"
],
"discovery": "USER"
},
"title": "Junos OS and Junos OS Evolved: In an EVPN-MPLS scenario churn of ESI routes causes a memory leak in l2ald",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue."
}
],
"value": "There are no known workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2026-33780",
"datePublished": "2026-04-09T21:29:20.534Z",
"dateReserved": "2026-03-23T19:46:13.669Z",
"dateUpdated": "2026-04-13T18:06:19.950Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-33780",
"date": "2026-05-18",
"epss": "0.00021",
"percentile": "0.06136"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-33780\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2026-04-09T22:16:26.960\",\"lastModified\":\"2026-04-17T17:59:50.417\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Missing Release of Memory after Effective Lifetime vulnerability in the\u00a0Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).\\n\\n\\n\\nIn an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.\\n\\nUse the following command to monitor the memory consumption by l2ald:\\n\\nuser@device\u003e show system process extensive | match \\\"PID|l2ald\\\" \\n\\n\\n\\nThis issue affects:\\n\\nJunos OS:\\n\\n\\n\\n * all versions before 22.4R3-S5,\\n * 23.2 versions before 23.2R2-S3,\\n * 23.4 versions before 23.4R2-S4,\\n * 24.2 versions before 24.2R2;\\n\\n\\n\\n\\nJunos OS Evolved:\\n\\n\\n\\n * all versions before 22.4R3-S5-EVO,\\n * 23.2 versions before 23.2R2-S3-EVO,\\n * 23.4 versions before 23.4R2-S4-EVO,\\n * 24.2 versions before 24.2R2-EVO.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"LOW\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"YES\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-401\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.4\",\"matchCriteriaId\":\"57F66641-003B-49D6-A9B9-AB300CFE3C93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1379EF30-AF04-4F98-8328-52A631F24737\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"28E42A41-7965-456B-B0AF-9D3229CE4D4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB1A77D6-D3AD-481B-979C-8F778530B175\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A064B6B-A99B-4D8D-A62D-B00C7870BC30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"40813417-A938-4F74-A419-8C5188A35486\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FC1BA1A-DF0E-4B15-86BA-24C60E546732\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBB967BF-3495-476D-839A-9DBFCBE69F91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E5688D6-DCA4-4550-9CD1-A3D792252129\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8494546C-00EA-49B6-B6FA-FDE42CA5B1FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BB98579-FA33-4E41-A162-A46E9709FBD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"08E2562F-FB18-4347-8497-7D61B8157EBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"494D1D96-1DA2-4B0A-9536-1B5A4FDFCA09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A78CC80-E8B1-4CDA-BB35-A61833657FA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3B2FE1-C228-46BE-AC76-70C2687050AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1B16FF0-900F-4AEE-B670-A537139F6909\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B227E831-30FF-4BE1-B8B2-31829A5610A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1ADA814B-EF98-45B1-AF7A-0C89688F7CA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6FB32DF-D062-4FB9-8777-452978BEC7B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3B6C811-5C10-4486-849D-5559B592350A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"78481ABC-3620-410D-BC78-334657E0BB75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE8A5BA3-87BD-473A-B229-2AAB2C797005\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B74AC3E-8FC9-400A-A176-4F7F21F10756\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB2D1FCE-8019-4CE1-BA45-D62F91AF7B51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"175CCB13-76C0-44A4-A71D-41E22B92EB23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"166BFDB3-1945-4949-BC2B-E18442FF2E4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5923610F-878C-48CA-8B5D-9C609E4DD4DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7C207E3-0252-4192-8E8C-E2ED2831B4F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"89524D6D-0B22-4952-AD8E-8072C5A05D5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD69A194-1B03-44EA-8092-79BD10C6F729\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8463ADB4-B8A7-4D63-97A9-232ED713A21C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE68337F-106E-4317-A5B6-292B0159F577\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.4\",\"matchCriteriaId\":\"A9925263-E7B7-49AA-8271-AF320F355B80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A33C425-921F-4795-B834-608C8F1597E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"93887799-F62C-4A4A-BCF5-004D0B4D4154\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"62C473D2-2612-4480-82D8-8A24D0687BBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FB4C5CA-A709-4B13-A9E0-372098A72AD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"04CE952D-E3C1-4B34-9E65-EC52BFE887AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AE9D1A7-4721-4E1D-B965-FDC38126B1DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8643AA3-29EF-48A7-B033-CB60988E214B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9800BA03-E6BF-4212-B2E7-69C0FD27D294\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACCA655D-C542-44F1-B183-4C864CFF2D4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D499B19-A91A-4B76-B1CB-6A07A4CB212B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6B2830C-26EE-446E-B0C3-B5E43AD897B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C7367E6-B491-4A1F-B9D7-BC86A15A0773\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DEAA7FD-385F-4221-907E-65ABC16BE4BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDEC008A-3137-48D1-8ABC-6DB0EFC40E50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"558D234D-BC50-415F-86D6-8E19D6C3ACE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F4EEEE-77E9-4973-A770-99E7BA2F05F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4BB6910-B994-45FD-8153-5EC00EE842E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D657944B-2066-4F2C-BC92-EDF4DE1C165C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"75A58924-6348-44CF-AB39-1FCE17FE81AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D7F0D73-85EE-4A07-B51B-6BF52ECBA75E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE777A1F-9CD9-426E-AF1C-FBE01EB9A4A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7147BA60-30A5-4CED-9AAF-F6BEA0528B89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E5CE59B-14B2-4F4C-81B5-0430EC954956\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB82B22F-9005-4EF0-A1E3-4261757783D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0224D3F1-8B86-432C-8F5B-B4B7B69ADF31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB2FE5FE-0ADE-406E-A23D-FDCC104B2496\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E58987A-D7B7-4FFF-9969-E8FD76AE2BE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DD89AAD-C615-42AF-B8AF-E6067862F0F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"28AFF11D-E418-4A76-B557-F60622602537\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A86A69D-2B90-4B3B-A6EC-88358284787D\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA107819\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-33780\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-13T17:39:43.706961Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-13T17:58:41.554Z\"}}], \"cna\": {\"title\": \"Junos OS and Junos OS Evolved: In an EVPN-MPLS scenario churn of ESI routes causes a memory leak in l2ald\", \"source\": {\"defect\": [\"1824956\"], \"advisory\": \"JSA107819\", \"discovery\": \"USER\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 7.1, \"Automatable\": \"YES\", \"attackVector\": \"ADJACENT\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"LOW\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Juniper Networks\", \"product\": \"Junos OS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"22.4R3-S5\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.2\", \"lessThan\": \"23.2R2-S3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.4\", \"lessThan\": \"23.4R2-S4\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"24.2\", \"lessThan\": \"24.2R2\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Juniper Networks\", \"product\": \"Junos OS Evolved\", \"versions\": [{\"status\": \"affected\", \"version\": \"all version prior to\", \"lessThan\": \"22.4R3-S5-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.2\", \"lessThan\": \"23.2R2-S3-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.4\", \"lessThan\": \"23.4R2-S4-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"24.2\", \"lessThan\": \"24.2R2-EVO\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"base64\": false}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"The following software releases have been updated to resolve this specific issue: \\nJunos OS Evolved: 22.4R3-S5-EVO, 23.2R2-S3-EVO, 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO,\\u00a0and all subsequent releases;\\nJunos OS: 22.4R3-S5, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The following software releases have been updated to resolve this specific issue: \u003cbr\u003eJunos OS Evolved: 22.4R3-S5-EVO, 23.2R2-S3-EVO, 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO,\u0026nbsp;and all subsequent releases;\u003cbr\u003eJunos OS: 22.4R3-S5, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases.\", \"base64\": false}]}], \"datePublic\": \"2026-04-08T16:00:00.000Z\", \"references\": [{\"url\": \"https://kb.juniper.net/JSA107819\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"There are no known workarounds for this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"There are no known workarounds for this issue.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A Missing Release of Memory after Effective Lifetime vulnerability in the\\u00a0Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).\\n\\n\\n\\nIn an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.\\n\\nUse the following command to monitor the memory consumption by l2ald:\\n\\nuser@device\u003e show system process extensive | match \\\"PID|l2ald\\\" \\n\\n\\n\\nThis issue affects:\\n\\nJunos OS:\\n\\n\\n\\n * all versions before 22.4R3-S5,\\n * 23.2 versions before 23.2R2-S3,\\n * 23.4 versions before 23.4R2-S4,\\n * 24.2 versions before 24.2R2;\\n\\n\\n\\n\\nJunos OS Evolved:\\n\\n\\n\\n * all versions before 22.4R3-S5-EVO,\\n * 23.2 versions before 23.2R2-S3-EVO,\\n * 23.4 versions before 23.4R2-S4-EVO,\\n * 24.2 versions before 24.2R2-EVO.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A Missing Release of Memory after Effective Lifetime vulnerability in the\u0026nbsp;Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).\u003cbr\u003e\u003cbr\u003e\\n\\nIn an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.\u003cbr\u003e\u003cbr\u003eUse the following command to monitor the memory consumption by l2ald:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003euser@device\u0026gt; show system process extensive | match \\\"PID|l2ald\\\"\u003c/tt\u003e \\n\\n\u003cbr\u003e\u003cbr\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cp\u003eJunos OS:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eall versions before 22.4R3-S5,\u003c/li\u003e\u003cli\u003e23.2 versions before 23.2R2-S3,\u003c/li\u003e\u003cli\u003e23.4 versions before 23.4R2-S4,\u003c/li\u003e\u003cli\u003e24.2 versions before 24.2R2;\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eJunos OS Evolved:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eall versions before 22.4R3-S5-EVO,\u003c/li\u003e\u003cli\u003e23.2 versions before 23.2R2-S3-EVO,\u003c/li\u003e\u003cli\u003e23.4 versions before 23.4R2-S4-EVO,\u003c/li\u003e\u003cli\u003e24.2 versions before 24.2R2-EVO.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-401\", \"description\": \"CWE-401 Missing Release of Memory after Effective Lifetime\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"To be exposed to this issue the device must be configured for EVPN-MPLS. Refer to product documentation for how to configure EVPN-MPLS as there are different configuration options.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(251, 251, 251);\\\"\u003eTo be exposed to this issue the device must be configured for EVPN-MPLS. Refer to product documentation for how to configure EVPN-MPLS as there are different configuration options.\u003c/span\u003e\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"shortName\": \"juniper\", \"dateUpdated\": \"2026-04-09T21:29:20.534Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-33780\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-13T18:06:19.950Z\", \"dateReserved\": \"2026-03-23T19:46:13.669Z\", \"assignerOrgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"datePublished\": \"2026-04-09T21:29:20.534Z\", \"assignerShortName\": \"juniper\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
GHSA-WCMX-9W9J-Q7PH
Vulnerability from github – Published: 2026-04-10 00:30 – Updated: 2026-04-10 00:30
VLAI?
Details
A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).
In an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.
Use the following command to monitor the memory consumption by l2ald:
user@device> show system process extensive | match "PID|l2ald"
This issue affects:
Junos OS:
- all versions before 22.4R3-S5,
- 23.2 versions before 23.2R2-S3,
- 23.4 versions before 23.4R2-S4,
- 24.2 versions before 24.2R2;
Junos OS Evolved:
- all versions before 22.4R3-S5-EVO,
- 23.2 versions before 23.2R2-S3-EVO,
- 23.4 versions before 23.4R2-S4-EVO,
- 24.2 versions before 24.2R2-EVO.
Severity ?
{
"affected": [],
"aliases": [
"CVE-2026-33780"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-09T22:16:26Z",
"severity": "HIGH"
},
"details": "A Missing Release of Memory after Effective Lifetime vulnerability in the\u00a0Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).\n\n\n\nIn an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.\n\nUse the following command to monitor the memory consumption by l2ald:\n\nuser@device\u003e show system process extensive | match \"PID|l2ald\" \n\n\n\nThis issue affects:\n\nJunos OS:\n\n\n\n * all versions before 22.4R3-S5,\n * 23.2 versions before 23.2R2-S3,\n * 23.4 versions before 23.4R2-S4,\n * 24.2 versions before 24.2R2;\n\n\n\n\nJunos OS Evolved:\n\n\n\n * all versions before 22.4R3-S5-EVO,\n * 23.2 versions before 23.2R2-S3-EVO,\n * 23.4 versions before 23.4R2-S4-EVO,\n * 24.2 versions before 24.2R2-EVO.",
"id": "GHSA-wcmx-9w9j-q7ph",
"modified": "2026-04-10T00:30:29Z",
"published": "2026-04-10T00:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33780"
},
{
"type": "WEB",
"url": "https://kb.juniper.net/JSA107819"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X",
"type": "CVSS_V4"
}
]
}
FKIE_CVE-2026-33780
Vulnerability from fkie_nvd - Published: 2026-04-09 22:16 - Updated: 2026-04-17 17:59
Severity ?
Summary
A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).
In an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.
Use the following command to monitor the memory consumption by l2ald:
user@device> show system process extensive | match "PID|l2ald"
This issue affects:
Junos OS:
* all versions before 22.4R3-S5,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2-S4,
* 24.2 versions before 24.2R2;
Junos OS Evolved:
* all versions before 22.4R3-S5-EVO,
* 23.2 versions before 23.2R2-S3-EVO,
* 23.4 versions before 23.4R2-S4-EVO,
* 24.2 versions before 24.2R2-EVO.
References
| URL | Tags | ||
|---|---|---|---|
| sirt@juniper.net | https://kb.juniper.net/JSA107819 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57F66641-003B-49D6-A9B9-AB300CFE3C93",
"versionEndExcluding": "22.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "EBB967BF-3495-476D-839A-9DBFCBE69F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "7E5688D6-DCA4-4550-9CD1-A3D792252129",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8494546C-00EA-49B6-B6FA-FDE42CA5B1FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "8BB98579-FA33-4E41-A162-A46E9709FBD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "08E2562F-FB18-4347-8497-7D61B8157EBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "494D1D96-1DA2-4B0A-9536-1B5A4FDFCA09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*",
"matchCriteriaId": "1A78CC80-E8B1-4CDA-BB35-A61833657FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F1B16FF0-900F-4AEE-B670-A537139F6909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "B227E831-30FF-4BE1-B8B2-31829A5610A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "1ADA814B-EF98-45B1-AF7A-0C89688F7CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "A6FB32DF-D062-4FB9-8777-452978BEC7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "B3B6C811-5C10-4486-849D-5559B592350A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*",
"matchCriteriaId": "78481ABC-3620-410D-BC78-334657E0BB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "BE8A5BA3-87BD-473A-B229-2AAB2C797005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8B74AC3E-8FC9-400A-A176-4F7F21F10756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "CB2D1FCE-8019-4CE1-BA45-D62F91AF7B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "175CCB13-76C0-44A4-A71D-41E22B92EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "166BFDB3-1945-4949-BC2B-E18442FF2E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "5923610F-878C-48CA-8B5D-9C609E4DD4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "A7C207E3-0252-4192-8E8C-E2ED2831B4F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*",
"matchCriteriaId": "89524D6D-0B22-4952-AD8E-8072C5A05D5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "AD69A194-1B03-44EA-8092-79BD10C6F729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8463ADB4-B8A7-4D63-97A9-232ED713A21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FE68337F-106E-4317-A5B6-292B0159F577",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9925263-E7B7-49AA-8271-AF320F355B80",
"versionEndExcluding": "22.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "04CE952D-E3C1-4B34-9E65-EC52BFE887AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "8AE9D1A7-4721-4E1D-B965-FDC38126B1DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "A8643AA3-29EF-48A7-B033-CB60988E214B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "9800BA03-E6BF-4212-B2E7-69C0FD27D294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "ACCA655D-C542-44F1-B183-4C864CFF2D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "6D499B19-A91A-4B76-B1CB-6A07A4CB212B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "B6B2830C-26EE-446E-B0C3-B5E43AD897B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "1C7367E6-B491-4A1F-B9D7-BC86A15A0773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*",
"matchCriteriaId": "6DEAA7FD-385F-4221-907E-65ABC16BE4BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "DDEC008A-3137-48D1-8ABC-6DB0EFC40E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "558D234D-BC50-415F-86D6-8E19D6C3ACE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "33F4EEEE-77E9-4973-A770-99E7BA2F05F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "A4BB6910-B994-45FD-8153-5EC00EE842E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "D657944B-2066-4F2C-BC92-EDF4DE1C165C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "75A58924-6348-44CF-AB39-1FCE17FE81AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*",
"matchCriteriaId": "9D7F0D73-85EE-4A07-B51B-6BF52ECBA75E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "FE777A1F-9CD9-426E-AF1C-FBE01EB9A4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "7147BA60-30A5-4CED-9AAF-F6BEA0528B89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "6E5CE59B-14B2-4F4C-81B5-0430EC954956",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "FB82B22F-9005-4EF0-A1E3-4261757783D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "0224D3F1-8B86-432C-8F5B-B4B7B69ADF31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "EB2FE5FE-0ADE-406E-A23D-FDCC104B2496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "2E58987A-D7B7-4FFF-9969-E8FD76AE2BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:-:*:*:*:*:*:*",
"matchCriteriaId": "0DD89AAD-C615-42AF-B8AF-E6067862F0F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "28AFF11D-E418-4A76-B557-F60622602537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "0A86A69D-2B90-4B3B-A6EC-88358284787D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Missing Release of Memory after Effective Lifetime vulnerability in the\u00a0Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).\n\n\n\nIn an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.\n\nUse the following command to monitor the memory consumption by l2ald:\n\nuser@device\u003e show system process extensive | match \"PID|l2ald\" \n\n\n\nThis issue affects:\n\nJunos OS:\n\n\n\n * all versions before 22.4R3-S5,\n * 23.2 versions before 23.2R2-S3,\n * 23.4 versions before 23.4R2-S4,\n * 24.2 versions before 24.2R2;\n\n\n\n\nJunos OS Evolved:\n\n\n\n * all versions before 22.4R3-S5-EVO,\n * 23.2 versions before 23.2R2-S3-EVO,\n * 23.4 versions before 23.4R2-S4-EVO,\n * 24.2 versions before 24.2R2-EVO."
}
],
"id": "CVE-2026-33780",
"lastModified": "2026-04-17T17:59:50.417",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
},
"published": "2026-04-09T22:16:26.960",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA107819"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "sirt@juniper.net",
"type": "Primary"
}
]
}
WID-SEC-W-2026-1022
Vulnerability from csaf_certbund - Published: 2026-04-08 22:00 - Updated: 2026-04-09 22:00Summary
Juniper Patchday April 2026: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Juniper Apstra (ehemals bekannt als AOS) automatisiert alle Aspekte der Rechnzentrums-Netzwerkplanung, des Aufbaus, der Bereitstellung und des Betriebs.
JUNOS ist das "Juniper Network Operating System", das in Juniper Appliances verwendet wird.
Die Switches der QFX-Serie von Juniper sichern und automatisieren Netzwerke in Rechenzentren.
Die Juniper MX-Serie ist eine Produktfamilie von Routern.
SRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper.
Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen für das Netzwerkmanagement beinhaltet.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Juniper Apstra, Junos OS, Junos OS Evolved und Junos Space ausnutzen, um erweiterte Berechtigungen – sogar Root-Rechte – zu erlangen, beliebigen Code auszuführen – auch mit erweiterten Berechtigungen –, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, Cross-Site-Scripting-Angriffe durchzuführen oder Daten zu manipulieren.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper JUNOS OS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:os_evolved
|
OS Evolved | |
|
Juniper QFX Series
Juniper
|
cpe:/h:juniper:qfx:os_evolved
|
— | |
|
Juniper JUNOS OS
Juniper / JUNOS
|
cpe:/o:juniper:junos:os
|
OS |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Junos Space <24.1R5 Patch V3
Juniper / Junos Space
|
<24.1R5 Patch V3 |
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper Apstra <6.1.1
Juniper / Apstra
|
<6.1.1 |
References
31 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Juniper Apstra (ehemals bekannt als AOS) automatisiert alle Aspekte der Rechnzentrums-Netzwerkplanung, des Aufbaus, der Bereitstellung und des Betriebs.\r\nJUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.\r\nDie Switches der QFX-Serie von Juniper sichern und automatisieren Netzwerke in Rechenzentren. \r\nDie Juniper MX-Serie ist eine Produktfamilie von Routern.\r\nSRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper.\r\nJunos Space ist eine Software-Plattform, die eine Reihe von Applikationen f\u00fcr das Netzwerkmanagement beinhaltet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Juniper Apstra, Junos OS, Junos OS Evolved und Junos Space ausnutzen, um erweiterte Berechtigungen \u2013 sogar Root-Rechte \u2013 zu erlangen, beliebigen Code auszuf\u00fchren \u2013 auch mit erweiterten Berechtigungen \u2013, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, Cross-Site-Scripting-Angriffe durchzuf\u00fchren oder Daten zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1022 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1022.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1022 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1022"
},
{
"category": "external",
"summary": "Juniper Patchday April 2026 vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/global-search/%40uri#sortCriteria=date%20descending\u0026f-sf_primarysourcename=Knowledge\u0026f-sf_articletype=Security%20Advisories\u0026numberOfResults=100"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Apstra: SSH host key validation vulnerability for managed devices (CVE-2025-13914) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Apstra-SSH-host-key-validation-vulnerability-for-managed-devices-CVE-2025-13914"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - CTP OS: Configuring password requirements does not work which permits the use of weak passwords (CVE-2026-33771) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-CTP-OS-Configuring-password-requirements-does-not-work-which-permits-the-use-of-weak-passwords-CVE-2026-33771"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - JSI Virtual Lightweight Collector: Shell escape allows privilege escalation to root (CVE-2026-21915) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-JSI-Virtual-Lightweight-Collector-Shell-escape-allows-privilege-escalation-to-root-CVE-2026-21915"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS and Junos OS Evolved: A high frequency of connecting and disconnecting netconf sessions causes management unavailability (CVE-2026-21919) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-high-frequency-of-connecting-and-disconnecting-netconf-sessions-causes-management-unavailability-CVE-2026-21919"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS and Junos OS Evolved: An attacker sending a specific genuine BGP packet causes a BGP reset (CVE-2026-33797) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-attacker-sending-a-specific-genuine-BGP-packet-causes-a-BGP-reset-CVE-2026-33797"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS and Junos OS Evolved: CVE-2022-24805 resolved in net-SNMP vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-CVE-2022-24805-resolved-in-net-SNMP"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS and Junos OS Evolved: Execution of crafted CLI commands allows for arbitrary shell injection as root (CVE-2026-33791) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Execution-of-crafted-CLI-commands-allows-for-arbitrary-shell-injection-as-root-CVE-2026-33791"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS and Junos OS Evolved: In an EVPN-MPLS scenario churn of ESI routes causes a memory leak in l2ald (CVE-2026-33780) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-EVPN-MPLS-scenario-churn-of-ESI-routes-causes-a-memory-leak-in-l2ald-CVE-2026-33780"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS and Junos OS Evolved: Specific low privileged CLI command exposes sensitive information (CVE-2026-33776) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Specific-low-privileged-CLI-command-exposes-sensitive-information-CVE-2026-33776"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS and Junos OS Evolved: When an unsigned Python op script configuration is present, a local low privileged user can compromise the system (CVE-2026-33793) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-an-unsigned-Python-op-script-configuration-is-present-a-local-low-privileged-user-can-compromise-the-system-CVE-2026-33793"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS Evolved: Local, authenticated attackers can gain access to FPCs (CVE-2026-33788) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Evolved-Local-authenticated-attackers-can-gain-access-to-FPCs-CVE-2026-33788"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS Evolved: PTX Series: If SRTE tunnels provisioned via PCEP are present and specific gRPC queries are received evo-aftman crashes (CVE-2026-33783) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Evolved-PTX-Series-If-SRTE-tunnels-provisioned-via-PCEP-are-present-and-specific-gRPC-queries-are-received-evo-aftman-crashes-CVE-2026-33783"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS Evolved: QFX5000 Series and PTX Series: An attacker sending crafted multicast packets will cause evo-aftmand / evo-pfemand to crash and restart (CVE-2025-59969) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Evolved-QFX5000-Series-and-PTX-Series-An-attacker-sending-crafted-multicast-packets-will-cause-evo-aftmand-evo-pfemand-to-crash-and-restart-CVE-2025-59969"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: A low privileged user can escalate their privileges so that they can login as root (CVE-2026-21916) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-A-low-privileged-user-can-escalate-their-privileges-so-that-they-can-login-as-root-CVE-2026-21916"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: EX Series, QFX Series: If the same egress filter is configured on both an IRB and a physical interface one of those is not applied (CVE-2026-33773) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-EX-Series-QFX-Series-If-the-same-egress-filter-is-configured-on-both-an-IRB-and-a-physical-interface-one-of-those-is-not-applied-CVE-2026-33773"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: EX Series, QFX Series: In a VXLAN scenario when specific control protocol packets are received, memory leaks and eventually no traffic is passed (CVE-2026-33781) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-EX-Series-QFX-Series-In-a-VXLAN-scenario-when-specific-control-protocol-packets-are-received-memory-leaks-and-eventually-no-traffic-is-passed-CVE-2026-33781"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: MX Series: Firewall filters on lo0. in the default routing instance are not in effect (CVE-2026-33774) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Firewall-filters-on-lo0-non-0-in-the-default-routing-instance-are-not-in-effect-CVE-2026-33774"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: MX Series: In specific DHCPv6 scenarios jdhcpd memory increases continuously with subscriber logouts (CVE-2026-33782) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-In-specific-DHCPv6-scenarios-jdhcpd-memory-increases-continuously-with-subscriber-logouts-CVE-2026-33782"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: MX Series: Mismatch between configured and received packet types causes memory leak in bbe-smgd (CVE-2026-33775) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Mismatch-between-configured-and-received-packet-types-causes-memory-leak-in-bbe-smgd-CVE-2026-33775"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: MX Series: Missing Authorization for specific \u0027request\u0027 CLI commands in a JDM/CSDS scenario (CVE-2026-33785) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Missing-Authorization-for-specific-request-CLI-commands-in-a-JDM-CSDS-scenario-CVE-2026-33785"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: Privileged local user can gain access to a Linux-based FPC as root (CVE-2025-30650) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Privileged-local-user-can-gain-access-to-a-Linux-based-FPC-as-root-CVE-2025-30650"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: SRX Series, MX Series: When a specifically malformed first ISAKMP packet is received kmd/iked crashes (CVE-2026-33778) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-MX-Series-When-a-specifically-malformed-first-ISAKMP-packet-is-received-kmd-iked-crashes-CVE-2026-33778"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: SRX Series: In a NAT64 configuration, receipt of a specific, malformed ICMPv6 packet will cause the srxpfe process to crash and restart. (CVE-2026-33790) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-In-a-NAT64-configuration-receipt-of-a-specific-malformed-ICMPv6-packet-will-cause-the-srxpfe-process-to-crash-and-restart-CVE-2026-33790"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: SRX Series: Insufficient certificate verification for device to SD cloud communication (CVE-2026-33779) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-Insufficient-certificate-verification-for-device-to-SD-cloud-communication-CVE-2026-33779"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specific show command is executed chassisd crashes (CVE-2026-33787) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX1500-SRX4100-SRX4200-SRX4600-When-a-specific-show-command-is-executed-chassisd-crashes-CVE-2026-33787"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos OS: SRX1600, SRX2300, SRX4300: When a specific show command is executed chassisd crashes (CVE-2026-33786) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX1600-SRX2300-SRX4300-When-a-specific-show-command-is-executed-chassisd-crashes-CVE-2026-33786"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - Junos Space: ilpFilter field on nLegacy.jsp is vulnerable to reflected cross-site script injection (CVE-2026-21904) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-Space-ilpFilter-field-on-nLegacy-jsp-is-vulnerable-to-reflected-cross-site-script-injection-CVE-2026-21904"
},
{
"category": "external",
"summary": "Juniper Security Bulletin - vLWC: Default password is not required to be changed which allows unauthorized high-privileged access (CVE-2026-33784) vom 2026-04-08",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-vLWC-Default-password-is-not-required-to-be-changed-which-allows-unauthorized-high-privileged-access-CVE-2026-33784"
}
],
"source_lang": "en-US",
"title": "Juniper Patchday April 2026: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-04-09T22:00:00.000+00:00",
"generator": {
"date": "2026-04-10T07:05:13.126+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-1022",
"initial_release_date": "2026-04-08T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-08T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-04-09T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2026-21088, EUVD-2026-21086, EUVD-2026-21091, EUVD-2026-21090, EUVD-2026-21085, EUVD-2026-21092, EUVD-2026-21080, EUVD-2026-21082, EUVD-2026-21078, EUVD-2026-21077, EUVD-2025-209396, EUVD-2026-21095, EUVD-2026-21206, EUVD-2026-21205, EUVD-2026-21204, EUVD-2026-21203, EUVD-2026-21201, EUVD-2026-21199, EUVD-2026-21197, EUVD-2026-21196, EUVD-2026-21195, EUVD-2025-209397, EUVD-2026-21093, EUVD-2026-21207, EUVD-2026-21193, EUVD-2026-21208"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.1.1",
"product": {
"name": "Juniper Apstra \u003c6.1.1",
"product_id": "T052563"
}
},
{
"category": "product_version",
"name": "6.1.1",
"product": {
"name": "Juniper Apstra 6.1.1",
"product_id": "T052563-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:apstra:6.1.1"
}
}
}
],
"category": "product_name",
"name": "Apstra"
},
{
"branches": [
{
"category": "product_version",
"name": "OS",
"product": {
"name": "Juniper JUNOS OS",
"product_id": "T052565",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:os"
}
}
},
{
"category": "product_version",
"name": "OS Evolved",
"product": {
"name": "Juniper JUNOS OS Evolved",
"product_id": "T052566",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:os_evolved"
}
}
}
],
"category": "product_name",
"name": "JUNOS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c24.1R5 Patch V3",
"product": {
"name": "Juniper Junos Space \u003c24.1R5 Patch V3",
"product_id": "T052571"
}
},
{
"category": "product_version",
"name": "24.1R5 Patch V3",
"product": {
"name": "Juniper Junos Space 24.1R5 Patch V3",
"product_id": "T052571-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:24.1r5_patch_v3"
}
}
}
],
"category": "product_name",
"name": "Junos Space"
},
{
"category": "product_name",
"name": "Juniper MX Series",
"product": {
"name": "Juniper MX Series",
"product_id": "T052568",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:mx:-"
}
}
},
{
"category": "product_name",
"name": "Juniper QFX Series",
"product": {
"name": "Juniper QFX Series",
"product_id": "T052567",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:qfx:os_evolved"
}
}
},
{
"category": "product_name",
"name": "Juniper SRX Series",
"product": {
"name": "Juniper SRX Series",
"product_id": "T052569",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:srx_service_gateways:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24805",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2022-24805"
},
{
"cve": "CVE-2025-30650",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2025-30650"
},
{
"cve": "CVE-2025-59969",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2025-59969"
},
{
"cve": "CVE-2026-21915",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-21915"
},
{
"cve": "CVE-2026-21916",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-21916"
},
{
"cve": "CVE-2026-21919",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-21919"
},
{
"cve": "CVE-2026-33771",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33771"
},
{
"cve": "CVE-2026-33773",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33773"
},
{
"cve": "CVE-2026-33774",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33774"
},
{
"cve": "CVE-2026-33775",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33775"
},
{
"cve": "CVE-2026-33776",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33776"
},
{
"cve": "CVE-2026-33778",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33778"
},
{
"cve": "CVE-2026-33779",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33779"
},
{
"cve": "CVE-2026-33780",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33780"
},
{
"cve": "CVE-2026-33781",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33781"
},
{
"cve": "CVE-2026-33782",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33782"
},
{
"cve": "CVE-2026-33783",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33783"
},
{
"cve": "CVE-2026-33784",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33784"
},
{
"cve": "CVE-2026-33785",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33785"
},
{
"cve": "CVE-2026-33786",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33786"
},
{
"cve": "CVE-2026-33787",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33787"
},
{
"cve": "CVE-2026-33788",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33788"
},
{
"cve": "CVE-2026-33790",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33790"
},
{
"cve": "CVE-2026-33791",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33791"
},
{
"cve": "CVE-2026-33793",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33793"
},
{
"cve": "CVE-2026-33797",
"product_status": {
"known_affected": [
"T052568",
"T052569",
"T052566",
"T052567",
"T052565"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-33797"
},
{
"cve": "CVE-2026-21904",
"product_status": {
"known_affected": [
"T052571"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2026-21904"
},
{
"cve": "CVE-2025-13914",
"product_status": {
"known_affected": [
"T052563"
]
},
"release_date": "2026-04-08T22:00:00.000+00:00",
"title": "CVE-2025-13914"
}
]
}
CERTFR-2026-AVI-0408
Vulnerability from certfr_avis - Published: 2026-04-09 - Updated: 2026-04-09
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Junos OS versions 24.2 antérieures à 24.2R2-S4 sur SRX Series et MX Series | ||
| Juniper Networks | N/A | Junos OS versions 24.4R2 antérieures à 24.4R2-S3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.4-EVO antérieures à 23.4R2-S8-EVO | ||
| Juniper Networks | N/A | Junos OS versions 22.4 antérieures à 22.4R3-S9 sur SRX Series | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.4R3 antérieures à 22.4R3-S8-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 21.2R3-S8-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202 | ||
| Juniper Networks | N/A | Junos OS versions 24.4R1 antérieures à 24.4R1-S3 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 24.4R1-EVO antérieures à 24.4R1-S3-EVO | ||
| Juniper Networks | N/A | Junos OS versions 21.4 antérieures à 21.4R3-S12 sur SRX Series | ||
| Juniper Networks | N/A | Junos OS Evolved versions 21.4-EVO antérieures à 21.4R3-S7-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202 | ||
| Juniper Networks | N/A | Junos OS versions 23.4 antérieures à 23.4R2-S7 | ||
| Juniper Networks | N/A | Junos OS versions 24.2 antérieures à 24.2R2-S3 sur SRX Series | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 23.2R2-S6 sur SRX Series et MX Series | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.3-EVO antérieures à 22.3R3-S3-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.4R3 antérieures à 22.4R3-S9-EVO sur PTX Series | ||
| Juniper Networks | N/A | Junos OS versions 23.4 antérieures à 23.4R2-S7 sur SRX Series | ||
| Juniper Networks | N/A | Junos OS versions 25.2R2 antérieures à 25.2R2 | ||
| Juniper Networks | N/A | Junos OS versions 25.2R1 antérieures à 25.2R1-S2 | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 23.4R2-S7 sur SRX Series et MX Series | ||
| Juniper Networks | N/A | Junos OS versions 24.2R2 antérieures à 24.2R2-S4 | ||
| Juniper Networks | N/A | Junos OS versions 23.2 antérieures à 23.2R2-S6 sur SRX Series | ||
| Juniper Networks | N/A | Junos OS Evolved versions 25.2R2-EVO antérieures à 25.2R2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 24.2-EVO antérieures à 24.2R2-S4-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.4-EVO antérieures à 22.4R3-S2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202 | ||
| Juniper Networks | N/A | Junos OS versions 21.2R3 antérieures à 21.2R3-S10 sur SRX Series | ||
| Juniper Networks | N/A | Junos OS versions 22.4 antérieures à 22.4R3-S9 sur SRX Series et MX Series | ||
| Juniper Networks | N/A | Junos OS versions 25.2 antérieures à 25.2R2 sur SRX Series et MX Series | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S5-EVO | ||
| Juniper Networks | N/A | Junos OS versions 23.2R2 antérieures à 23.2R2-S7 | ||
| Juniper Networks | N/A | JSI vLWC versions antérieures à 3.0.94 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S6-EVO sur PTX Series | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202 | ||
| Juniper Networks | N/A | Junos OS versions 22.2 antérieures à 22.2R3-S8 sur SRX Series | ||
| Juniper Networks | N/A | Junos OS versions 22.4R3 antérieures à 22.4R3-S9 | ||
| Juniper Networks | N/A | Junos OS Evolved versions 25.2R1-EVO antérieures à 25.2R1-S2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 24.4R2-EVO antérieures à 24.4R2-S3-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.2-EVO antérieures à 22.2R3-S4-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS versions 24.2 ant\u00e9rieures \u00e0 24.2R2-S4 sur SRX Series et MX Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 24.4R2 ant\u00e9rieures \u00e0 24.4R2-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R2-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S9 sur SRX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.4R3 ant\u00e9rieures \u00e0 22.4R3-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 21.2R3-S8-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 24.4R1 ant\u00e9rieures \u00e0 24.4R1-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 24.4R1-EVO ant\u00e9rieures \u00e0 24.4R1-S3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S12 sur SRX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.4-EVO ant\u00e9rieures \u00e0 21.4R3-S7-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R2-S7",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 24.2 ant\u00e9rieures \u00e0 24.2R2-S3 sur SRX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 23.2R2-S6 sur SRX Series et MX Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R3-S3-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.4R3 ant\u00e9rieures \u00e0 22.4R3-S9-EVO sur PTX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R2-S7 sur SRX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 25.2R2 ant\u00e9rieures \u00e0 25.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 25.2R1 ant\u00e9rieures \u00e0 25.2R1-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 23.4R2-S7 sur SRX Series et MX Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 24.2R2 ant\u00e9rieures \u00e0 24.2R2-S4",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.2 ant\u00e9rieures \u00e0 23.2R2-S6 sur SRX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 25.2R2-EVO ant\u00e9rieures \u00e0 25.2R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 24.2-EVO ant\u00e9rieures \u00e0 24.2R2-S4-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R3-S2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.2R3 ant\u00e9rieures \u00e0 21.2R3-S10 sur SRX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S9 sur SRX Series et MX Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 25.2 ant\u00e9rieures \u00e0 25.2R2 sur SRX Series et MX Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-S5-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.2R2 ant\u00e9rieures \u00e0 23.2R2-S7",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": " JSI vLWC versions ant\u00e9rieures \u00e0 3.0.94",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-S6-EVO sur PTX Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S8 sur SRX Series ",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.4R3 ant\u00e9rieures \u00e0 22.4R3-S9",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 25.2R1-EVO ant\u00e9rieures \u00e0 25.2R1-S2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 24.4R2-EVO ant\u00e9rieures \u00e0 24.4R2-S3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.2-EVO ant\u00e9rieures \u00e0 22.2R3-S4-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-33773",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33773"
},
{
"name": "CVE-2026-33785",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33785"
},
{
"name": "CVE-2026-33780",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33780"
},
{
"name": "CVE-2022-24805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24805"
},
{
"name": "CVE-2026-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21919"
},
{
"name": "CVE-2026-33771",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33771"
},
{
"name": "CVE-2025-30650",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30650"
},
{
"name": "CVE-2026-33797",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33797"
},
{
"name": "CVE-2026-33779",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33779"
},
{
"name": "CVE-2025-13914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13914"
},
{
"name": "CVE-2026-33784",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33784"
},
{
"name": "CVE-2026-33786",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33786"
},
{
"name": "CVE-2026-33776",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33776"
},
{
"name": "CVE-2026-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21916"
},
{
"name": "CVE-2026-33781",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33781"
},
{
"name": "CVE-2026-33787",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33787"
},
{
"name": "CVE-2026-33778",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33778"
},
{
"name": "CVE-2026-33791",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33791"
},
{
"name": "CVE-2026-33790",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33790"
},
{
"name": "CVE-2026-33783",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33783"
},
{
"name": "CVE-2026-33774",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33774"
},
{
"name": "CVE-2026-33775",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33775"
},
{
"name": "CVE-2026-33788",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33788"
},
{
"name": "CVE-2026-33782",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33782"
},
{
"name": "CVE-2026-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21915"
}
],
"initial_release_date": "2026-04-09T00:00:00",
"last_revision_date": "2026-04-09T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0408",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-04-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107868",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-MX-Series-When-a-specifically-malformed-first-ISAKMP-packet-is-received-kmd-iked-crashes-CVE-2026-33778"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107864",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-CTP-OS-Configuring-password-requirements-does-not-work-which-permits-the-use-of-weak-passwords-CVE-2026-33771"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107863",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Privileged-local-user-can-gain-access-to-a-Linux-based-FPC-as-root-CVE-2025-30650"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107823",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-Insufficient-certificate-verification-for-device-to-SD-cloud-communication-CVE-2026-33779"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107822",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-CVE-2022-24805-resolved-in-net-SNMP"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107872",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Missing-Authorization-for-specific-request-CLI-commands-in-a-JDM-CSDS-scenario-CVE-2026-33785"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107869",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-EX-Series-QFX-Series-In-a-VXLAN-scenario-when-specific-control-protocol-packets-are-received-memory-leaks-and-eventually-no-traffic-is-passed-CVE-2026-33781"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107821",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Mismatch-between-configured-and-received-packet-types-causes-memory-leak-in-bbe-smgd-CVE-2026-33775"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107865",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Firewall-filters-on-lo0-non-0-in-the-default-routing-instance-are-not-in-effect-CVE-2026-33774"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107810",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX1600-SRX2300-SRX4300-When-a-specific-show-command-is-executed-chassisd-crashes-CVE-2026-33786"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107871",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-vLWC-Default-password-is-not-required-to-be-changed-which-allows-unauthorized-high-privileged-access-CVE-2026-33784"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107820",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-In-specific-DHCPv6-scenarios-jdhcpd-memory-increases-continuously-with-subscriber-logouts-CVE-2026-33782"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107815",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-EX-Series-QFX-Series-If-the-same-egress-filter-is-configured-on-both-an-IRB-and-a-physical-interface-one-of-those-is-not-applied-CVE-2026-33773"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA106019",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-high-frequency-of-connecting-and-disconnecting-netconf-sessions-causes-management-unavailability-CVE-2026-21919"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107850",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-attacker-sending-a-specific-genuine-BGP-packet-causes-a-BGP-reset-CVE-2026-33797"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107866",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Specific-low-privileged-CLI-command-exposes-sensitive-information-CVE-2026-33776"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107873",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX1500-SRX4100-SRX4200-SRX4600-When-a-specific-show-command-is-executed-chassisd-crashes-CVE-2026-33787"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107874",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-In-a-NAT64-configuration-receipt-of-a-specific-malformed-ICMPv6-packet-will-cause-the-srxpfe-process-to-crash-and-restart-CVE-2026-33790"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107875",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Execution-of-crafted-CLI-commands-allows-for-arbitrary-shell-injection-as-root-CVE-2026-33791"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107807",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-A-low-privileged-user-can-escalate-their-privileges-so-that-they-can-login-as-root-CVE-2026-21916"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107806",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Evolved-Local-authenticated-attackers-can-gain-access-to-FPCs-CVE-2026-33788"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA106016",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-JSI-Virtual-Lightweight-Collector-Shell-escape-allows-privilege-escalation-to-root-CVE-2026-21915"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107819",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-EVPN-MPLS-scenario-churn-of-ESI-routes-causes-a-memory-leak-in-l2ald-CVE-2026-33780"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107862",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Apstra-SSH-host-key-validation-vulnerability-for-managed-devices-CVE-2025-13914"
},
{
"published_at": "2026-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107870",
"url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Evolved-PTX-Series-If-SRTE-tunnels-provisioned-via-PCEP-are-present-and-specific-gRPC-queries-are-received-evo-aftman-crashes-CVE-2026-33783"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…