Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Juniper Networks — Vulnerabilities & Security Advisories 893

Browse all 893 CVE security advisories affecting Juniper Networks. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Juniper Networks operates as a global provider of networking hardware, software, and services, primarily focusing on enterprise and service provider infrastructure. With 893 recorded Common Vulnerabilities and Exposures, the company’s attack surface reflects the complexity of its extensive product portfolio. Historically, vulnerabilities in its systems have frequently involved remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation errors or improper access controls in management interfaces. Notable incidents include critical flaws in ScreenOS and Junos OS that allowed attackers to bypass authentication or execute arbitrary commands, highlighting risks in legacy and core routing platforms. These issues underscore the necessity for rigorous patch management and secure configuration practices. As a foundational element of global internet infrastructure, the security posture of Juniper Networks directly impacts the stability and integrity of connected networks worldwide, necessitating continuous monitoring and proactive defense strategies.

Top products by Juniper Networks: Junos OS Junos OS Evolved Junos Space NorthStar Controller Application Juniper ATP ScreenOS Paragon Active Assurance Contrail Service Orchestration SRC Series MIST Cloud UI Junos Space Security Director Contrail JSI LWC Session Smart Router SBR Carrier Contrail Insights Apstra CTP OS JunosE Paragon Automation (Pathfinder, Planner, Insights) Security Director Policy Enforcer Juniper Security Director Junos OS on SRX Series Services Gateways chassis cluster Junos Paragon Active Assurance (Formerly Netrounds) Juniper Identity Management Service (JIMS) Junos OS with DHCPv6 enabled 128 Technology Session Smart Router CTPView Contrail Cloud
CVE IDTitleCVSSSeverityPublished
CVE-2021-0297 Junos OS Evolved: BGP and LDP sessions with TCP MD5 authentication established with peers not configured for authentication — Junos OS EvolvedCWE-755 6.5 Medium2021-10-19
CVE-2021-0296 CTPView: HSTS not being enforced on CTPView server. — CTPViewCWE-319 7.4 High2021-10-19
CVE-2021-0284 Junos OS: Upon receipt of specific sequences of genuine packets destined to the device the kernel will crash and restart (vmcore) — Junos OSCWE-120 7.5 High2021-08-17
CVE-2021-0295 Junos OS: QFX10K Series: Denial of Service (DoS) upon receipt of DVMRP packets received on multi-homing ESI in VXLAN. — Junos OSCWE-697 6.1 Medium2021-07-15
CVE-2021-0294 Junos OS: QFX5000 Series and EX4600 Series: Enhanced storm control might not work leading to partial Denial of Service — Junos OSCWE-474 5.3 Medium2021-07-15
CVE-2021-0293 Junos OS: Out-of-memory condition and crashes can occur after executing a certain CLI command repeatedly — Junos OSCWE-401 5.5 Medium2021-07-15
CVE-2021-0292 Junos OS Evolved: Memory leak in arpd or ndp processes can lead to Denial of Service (DoS) — Junos OS EvolvedCWE-400 6.5 Medium2021-07-15
CVE-2021-0291 Junos OS and Junos OS Evolved: A vulnerability allows a network based unauthenticated attacker which sends a high rate of specific traffic to cause a partial Denial of Service — Junos OSCWE-497 6.5 Medium2021-07-15
CVE-2021-0290 Junos OS: MX Series, EX9200 Series, SRX4600: Ethernet interface vulnerable to specially crafted frames — Junos OSCWE-755 6.5 Medium2021-07-15
CVE-2021-0289 Junos OS: User-defined ARP Policer isn't applied on Aggregated Ethernet (AE) interface until firewall process is restarted — Junos OSCWE-367 6.5 Medium2021-07-15
CVE-2021-0288 Junos OS: MX Series, EX9200 Series: FPC may crash upon receipt of specific MPLS packet affecting Trio-based MPCs — Junos OSCWE-754 6.5 Medium2021-07-15
CVE-2021-0287 Junos OS and Junos OS Evolved: RPD could crash in SR-ISIS/MPLS environment due to a flap of an ISIS link in the network — Junos OSCWE-754 6.5 Medium2021-07-15
CVE-2021-0286 Junos OS Evolved: Specially crafted packets may cause the AFT manager process to crash and restart — Junos OS EvolvedCWE-703 7.5 High2021-07-15
CVE-2021-0285 Junos OS: QFX5000 Series and EX4600 Series: Continuous traffic destined to a device configured with MC-LAG leading to nodes losing their control connection which can impact traffic — Junos OSCWE-770 7.5 High2021-07-15
CVE-2021-0283 Junos OS: Upon receipt of specific sequences of genuine packets destined to the device the kernel will crash and restart (vmcore) — Junos OSCWE-120 7.5 High2021-07-15
CVE-2021-0282 Junos OS: RPD crash while processing a specific BGP UPDATE when Multipath or add-path features are enabled — Junos OSCWE-754 7.5 High2021-07-15
CVE-2021-0281 Junos OS and Junos OS Evolved: Specific packets can trigger rpd crash when BGP Origin Validation is configured with RPKI — Junos OSCWE-754 5.9 Medium2021-07-15
CVE-2021-0280 Junos OS: PTX Series, QFX10K Series: Upon receipt of specific packets BFD sessions might flap due to DDoS policer implementation in Packet Forwarding Engine — Junos OSCWE-665 7.5 High2021-07-15
CVE-2021-0279 Contrail Cloud: Hardcoded credentials for RabbitMQ service — Contrail CloudCWE-798 8.6 High2021-07-15
CVE-2021-0278 Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to root. — Junos OSCWE-20 8.8 High2021-07-15
CVE-2021-0277 Junos OS and Junos OS Evolved: LLDP Out-of-Bounds Read vulnerability in l2cpd — Junos OSCWE-125 8.8 High2021-07-15
CVE-2021-0276 Steel-Belted Radius Carrier Edition: Remote code execution vulnerability when EAP Authentication is configured. — SBR CarrierCWE-121 9.8 Critical2021-07-15
CVE-2021-0275 Junos OS: J-Web: Cross-site scripting attack allows an attacker to gain control of another users session. — Junos OSCWE-79 8.8 High2021-04-22
CVE-2021-0272 Junos OS: QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016: In EVPN-VXLAN scenarios receipt of specific genuine packets by an adjacent attacker will cause a kernel memory leak in FPC. — Junos OSCWE-401 6.5 Medium2021-04-22
CVE-2021-0273 Junos OS and Junos OS Evolved: Trio Chipset: Denial of Service due to packet destined to device's interfaces. — Junos OSCWE-835 5.3 Medium2021-04-22
CVE-2021-0271 Junos OS: EX2200-C Series, EX3200 Series, EX3300 Series, EX4200 Series, EX4500 Series, EX4550 Series, EX6210 Series, EX8208 Series, EX8216 Series: Receipt of a crafted ARP packet by an adjacent attacker will cause the sfid process to core. — Junos OS 6.5 Medium2021-04-22
CVE-2021-0269 Junos OS: J-Web can be compromised through reflected client-side HTTP parameter pollution attacks. — Junos OSCWE-233 8.8 High2021-04-22
CVE-2021-0270 Junos OS: PTX Series, QFX10K Series: A PTX/QFX FPC may restart unexpectedly with the "inline-Jflow" feature enabled on a large-scale deployment — Junos OSCWE-362 7.5 High2021-04-22
CVE-2021-0268 Junos OS: J-Web has an Improper Neutralization of CRLF Sequences in its HTTP Headers which allows an attacker to carry out multiple types of attacks. — Junos OSCWE-113 8.8 High2021-04-22
CVE-2021-0266 cSRX: Use of Hard-coded Cryptographic Keys allows an attacker to take control of the device through device management services. — Junos OSCWE-321 8.1 High2021-04-22

This page lists every published CVE security advisory associated with Juniper Networks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.