Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Juniper Networks — Vulnerabilities & Security Advisories 893

Browse all 893 CVE security advisories affecting Juniper Networks. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Juniper Networks operates as a global provider of networking hardware, software, and services, primarily focusing on enterprise and service provider infrastructure. With 893 recorded Common Vulnerabilities and Exposures, the company’s attack surface reflects the complexity of its extensive product portfolio. Historically, vulnerabilities in its systems have frequently involved remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation errors or improper access controls in management interfaces. Notable incidents include critical flaws in ScreenOS and Junos OS that allowed attackers to bypass authentication or execute arbitrary commands, highlighting risks in legacy and core routing platforms. These issues underscore the necessity for rigorous patch management and secure configuration practices. As a foundational element of global internet infrastructure, the security posture of Juniper Networks directly impacts the stability and integrity of connected networks worldwide, necessitating continuous monitoring and proactive defense strategies.

Top products by Juniper Networks: Junos OS Junos OS Evolved Junos Space NorthStar Controller Application Juniper ATP ScreenOS Paragon Active Assurance Contrail Service Orchestration SRC Series MIST Cloud UI Junos Space Security Director Contrail JSI LWC Session Smart Router SBR Carrier Contrail Insights Apstra CTP OS JunosE Paragon Automation (Pathfinder, Planner, Insights) Security Director Policy Enforcer Juniper Security Director Junos OS on SRX Series Services Gateways chassis cluster Junos Paragon Active Assurance (Formerly Netrounds) Juniper Identity Management Service (JIMS) Junos OS with DHCPv6 enabled 128 Technology Session Smart Router CTPView Contrail Cloud
CVE IDTitleCVSSSeverityPublished
CVE-2022-22173 Junos OS: CRL failing to download causes a memory leak and ultimately a DoS — Junos OSCWE-401 7.5 High2022-01-19
CVE-2022-22172 Junos OS and Junos OS Evolved: An l2cpd memory leak can occur when specific LLDP packets are received leading to a DoS — Junos OSCWE-401 6.5 Medium2022-01-19
CVE-2022-22171 Junos OS: Specific packets over VXLAN cause FPC reset — Junos OS 7.5 High2022-01-19
CVE-2022-22170 Junos OS: Specific packets over VXLAN cause FPC memory leak and ultimately reset — Junos OS 7.5 High2022-01-19
CVE-2022-22169 Junos OS and Junos OS Evolved: OSPFv3 session might go into INIT state upon receipt of multiple crafted packets from a trusted neighbor device. — Junos OS 5.9 Medium2022-01-19
CVE-2022-22168 Junos OS: vMX and MX150: Specific packets might cause a memory leak and eventually an FPC reboot — Junos OSCWE-1287 6.5 Medium2022-01-19
CVE-2022-22167 Junos OS: SRX Series: If no-syn-check is enabled, traffic classified as UNKNOWN gets permitted by pre-id-default-policy — Junos OSCWE-863 7.2 High2022-01-19
CVE-2022-22166 Junos OS: An rpd core will occur if BGP update tracing is configured and an update containing a malformed BGP SR-TE policy tunnel attribute is received — Junos OSCWE-1284 6.5 Medium2022-01-19
CVE-2022-22164 Junos OS Evolved: Telnet service may be enabled when it is expected to be disabled. — Junos OS EvolvedCWE-665 6.5 Medium2022-01-19
CVE-2022-22163 Junos OS: jdhcpd crashes upon receipt of a specific DHCPv6 packet — Junos OSCWE-20 7.4 High2022-01-19
CVE-2022-22162 Junos OS: A low privileged user can elevate their privileges to the ones of the highest privileged j-web user logged in — Junos OSCWE-209 7.3 High2022-01-19
CVE-2022-22161 Junos OS: MX104 might become unresponsive if the out-of-band management port receives a flood of traffic — Junos OSCWE-400 7.5 High2022-01-19
CVE-2022-22160 Junos OS: MX Series: The bbe-smgd process crashes if an unsupported configuration exists and a PPPoE client sends a specific message — Junos OSCWE-391 6.5 Medium2022-01-19
CVE-2022-22159 Junos OS: An attacker sending crafted packets can cause a traffic and CPU Denial of Service (DoS). — Junos OS 7.5 High2022-01-19
CVE-2022-22157 Junos OS: SRX Series: Traffic classification vulnerability when 'no-syn-check' is enabled — Junos OSCWE-863 7.2 High2022-01-19
CVE-2022-22156 Junos OS: Certificate validation is skipped when fetching system scripts from a HTTPS URL — Junos OSCWE-358 6.5 Medium2022-01-19
CVE-2022-22155 Junos OS: ACX5448: FPC memory leak due to IPv6 neighbor flaps — Junos OSCWE-400 6.5 Medium2022-01-19
CVE-2022-22154 Junos Fusion: A Satellite Device can be controlled by rewiring it to a foreign AD causing a DoS — Junos OSCWE-642 6.8 Medium2022-01-19
CVE-2022-22153 SRX Series and MX Series with SPC3: A high percentage of fragments might lead to high latency or packet drops — Junos OSCWE-407 7.5 High2022-01-19
CVE-2022-22152 Contrail Service Orchestration: Tenants able to see other tenants policies via REST API interface — Contrail Service OrchestrationCWE-693 7.7 High2022-01-19
CVE-2021-31386 Junos OS: When using J-Web with HTTP an attacker may retrieve encryption keys via Person-in-the-Middle attacks. — Junos OSCWE-311 5.3 Medium2021-10-19
CVE-2021-31385 Junos OS: J-Web: A path traversal vulnerability allows an authenticated attacker to elevate their privileges to root — Junos OSCWE-22 8.8 High2021-10-19
CVE-2021-31384 Junos OS: SRX Series: Under a specific device configuration an attacker can access the devices J-Web management services from any interface, regardless of security settings protecting the service — Junos OSCWE-285 7.2 High2021-10-19
CVE-2021-31383 Junos OS and Junos OS Evolved: In Point to MultiPoint (P2MP) scenarios receipt of various crafted packets causes RPD to core. — Junos OS 7.5 High2021-10-19
CVE-2021-31382 Junos OS: PTX1000 System, PTX10002-60C System: After upgrading, configured firewall filters may be applied on incorrect interfaces — Junos OSCWE-362 6.5 Medium2021-10-19
CVE-2021-31381 SRC Series: A remote attacker sending a specially crafted query may cause the web server to delete files — SRC SeriesCWE-16 6.5 Medium2021-10-19
CVE-2021-31380 SRC Series: A remote attacker sending a specially crafted query may cause the web server to disclose sensitive information — SRC SeriesCWE-16 5.3 Medium2021-10-19
CVE-2021-31379 Junos OS: MX Series: MPC 7/8/9/10/11 cards with MAP-E: PFE halts when an attacker sends malformed IPv4 or IPv6 traffic inside the MAP-E tunnel. — Junos OSCWE-696 7.5 High2021-10-19
CVE-2021-31378 Junos OS: An attacker sending spoofed RADIUS messages to a Junos OS device configured for broadband services may cause broadband subscribers to remain stuck in a "Terminating" state. — Junos OSCWE-772 6.8 Medium2021-10-19
CVE-2021-31377 Junos OS: A local authenticated attacker can cause RPD to core — Junos OSCWE-732 5.5 Medium2021-10-19

This page lists every published CVE security advisory associated with Juniper Networks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.