Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Juniper Networks — Vulnerabilities & Security Advisories 893

Browse all 893 CVE security advisories affecting Juniper Networks. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Juniper Networks operates as a global provider of networking hardware, software, and services, primarily focusing on enterprise and service provider infrastructure. With 893 recorded Common Vulnerabilities and Exposures, the company’s attack surface reflects the complexity of its extensive product portfolio. Historically, vulnerabilities in its systems have frequently involved remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation errors or improper access controls in management interfaces. Notable incidents include critical flaws in ScreenOS and Junos OS that allowed attackers to bypass authentication or execute arbitrary commands, highlighting risks in legacy and core routing platforms. These issues underscore the necessity for rigorous patch management and secure configuration practices. As a foundational element of global internet infrastructure, the security posture of Juniper Networks directly impacts the stability and integrity of connected networks worldwide, necessitating continuous monitoring and proactive defense strategies.

Top products by Juniper Networks: Junos OS Junos OS Evolved Junos Space NorthStar Controller Application Juniper ATP ScreenOS Paragon Active Assurance Contrail Service Orchestration SRC Series MIST Cloud UI Junos Space Security Director Contrail JSI LWC Session Smart Router SBR Carrier Contrail Insights Apstra CTP OS JunosE Paragon Automation (Pathfinder, Planner, Insights) Security Director Policy Enforcer Juniper Security Director Junos OS on SRX Series Services Gateways chassis cluster Junos Paragon Active Assurance (Formerly Netrounds) Juniper Identity Management Service (JIMS) Junos OS with DHCPv6 enabled 128 Technology Session Smart Router CTPView Contrail Cloud
CVE IDTitleCVSSSeverityPublished
CVE-2023-22392 Junos OS: PTX Series and QFX10000 Series: Received flow-routes which aren't installed as the hardware doesn't support them, lead to an FPC heap memory leak — Junos OSCWE-401 6.5 Medium2023-10-12
CVE-2023-44190 Junos OS Evolved: PTX10001, PTX10004, PTX10008, PTX10016: MAC address validation bypass vulnerability — Junos OS EvolvedCWE-346 6.1 Medium2023-10-11
CVE-2023-44189 Junos OS Evolved: PTX10003 Series: MAC address validation bypass vulnerability — Junos OS EvolvedCWE-346 6.1 Medium2023-10-11
CVE-2023-44188 Junos OS: jkdsd crash due to multiple telemetry requests — Junos OSCWE-367 5.3 Medium2023-10-11
CVE-2023-44187 Junos OS Evolved: 'file copy' CLI command can disclose password to shell users — Junos OS EvolvedCWE-200 5.9 Medium2023-10-11
CVE-2023-44186 Junos OS and Junos OS Evolved: RPD crash when attempting to send a very long AS PATH to a non-4-byte-AS capable BGP neighbor — Junos OSCWE-755 7.5 High2023-10-11
CVE-2023-36851 Junos OS: SRX Series: A vulnerability in J-Web allows an unauthenticated attacker to upload and download arbitrary files — Junos OSCWE-306 5.3 Medium2023-09-26
CVE-2023-36846 Junos OS: SRX Series: A vulnerability in J-Web allows an unauthenticated attacker to upload arbitrary files — Junos OSCWE-306 5.3 Medium2023-08-17
CVE-2023-36845 Junos OS: EX and SRX Series: A PHP vulnerability in J-Web allows an unauthenticated to control an important environment variable — Junos OSCWE-473 9.8 Critical2023-08-17
CVE-2023-36844 Junos OS: EX Series: A PHP vulnerability in J-Web allows an unauthenticated attacker to control important environment variables — Junos OSCWE-473 5.3 Medium2023-08-17
CVE-2023-36847 Junos OS: EX Series: A vulnerability in J-Web allows an unauthenticated attacker to upload arbitrary files — Junos OSCWE-306 5.3 Medium2023-08-17
CVE-2023-36850 Junos OS: MX Series: An MPC will crash upon receipt of a malformed CFM packet. — Junos OSCWE-1285 6.5 Medium2023-07-14
CVE-2023-36849 Junos OS and Junos OS Evolved: The l2cpd will crash when a malformed LLDP packet is received — Junos OSCWE-703 6.5 Medium2023-07-14
CVE-2023-36848 Junos OS: MX Series: The FPC will crash on receiving a malformed CFM packet — Junos OSCWE-232 6.5 Medium2023-07-14
CVE-2023-36840 Junos OS and Junos OS Evolved: An rpd crash occurs when a specific L2VPN command is run — Junos OSCWE-617 5.5 Medium2023-07-14
CVE-2023-36836 Junos OS and Junos OS Evolved: In a MoFRR scenario an rpd core may be observed when a low privileged CLI command is executed — Junos OSCWE-908 4.7 Medium2023-07-14
CVE-2023-36835 Junos OS: QFX10000 Series: All traffic will be dropped after a specific valid IP packet has been received which needs to be routed over a VXLAN tunnel — Junos OSCWE-754 7.5 High2023-07-14
CVE-2023-36834 Junos OS: SRX 4600 and SRX 5000 Series: The receipt of specific genuine packets by SRXes configured for L2 transparency will cause a DoS — Junos OSCWE-372 6.5 Medium2023-07-14
CVE-2023-36833 Junos OS Evolved: PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202: The aftman-bt process will crash in a MoFRR scenario after multiple link flaps — Junos OS EvolvedCWE-416 6.5 Medium2023-07-14
CVE-2023-28985 SRX Series and MX Series: An FPC core is observed when IDP is enabled on the device and a specific malformed SSL packet is received — Junos OSCWE-1286 7.5 High2023-07-14
CVE-2023-36838 Junos OS: SRX Series: A flowd core occurs when running a low privileged CLI command — Junos OSCWE-125 5.5 Medium2023-07-14
CVE-2023-36832 Junos OS: MX Series: PFE crash upon receipt of specific packet destined to an AMS interface — Junos OSCWE-755 7.5 High2023-07-14
CVE-2023-36831 Junos OS: SRX Series: jbuf memory leak when SSL Proxy and UTM Web-Filtering is applied — Junos OSCWE-703 7.5 High2023-07-14
CVE-2023-0026 2023-06: Out-of-Cycle Security Bulletin: Junos OS and Junos OS Evolved: A BGP session will flap upon receipt of a specific, optional transitive attribute — Junos OSCWE-20 7.5 High2023-06-21
CVE-2023-28976 Junos OS: MX Series: If a specific traffic rate goes above the DDoS threshold it will lead to an FPC crash — Junos OSCWE-754 7.5 High2023-04-17
CVE-2023-28974 Junos OS: MX Series: In a BBE scenario upon receipt of specific malformed packets from subscribers the process bbe-smgd will crash — Junos OSCWE-754 7.4 High2023-04-17
CVE-2023-28978 Junos OS Evolved: Read access to some confidential user information is possible — Junos OS EvolvedCWE-1188 5.3 Medium2023-04-17
CVE-2023-28979 Junos OS: In a 6PE scenario upon receipt of a specific IPv6 packet an integrity check fails — Junos OSCWE-754 4.7 Medium2023-04-17
CVE-2023-28980 Junos OS and Junos OS Evolved: In a BGP rib sharding scenario an rpd crash will happen shortly after a specific CLI command is issued — Junos OSCWE-416 5.5 Medium2023-04-17
CVE-2023-28983 Junos OS Evolved: Shell Injection vulnerability in the gNOI server — Junos OS EvolvedCWE-78 8.8 High2023-04-17

This page lists every published CVE security advisory associated with Juniper Networks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.