cvelistv5 - cve-2026-33775

CVE-2026-33775 (GCVE-0-2026-33775)

Vulnerability from cvelistv5

Published

2026-04-09 21:30

Modified

2026-04-13 18:06

Severity ?

6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 (High) - CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M

CWE

CWE-401 - Missing Release of Memory after Effective Lifetime

Summary

A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon (bbe-smgd) of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). If the authentication packet-type option is configured and a received packet does not match that packet type, the memory leak occurs. When all memory available to bbe-smgd has been consumed, no new subscribers will be able to login. The memory utilization of bbe-smgd can be monitored with the following show command: user@host> show system processes extensive | match bbe-smgd The below log message can be observed when this limit has been reached: bbesmgd[<PID>]: %DAEMON-3-SMD_DPROF_RSMON_ERROR: Resource unavailability, Reason: Daemon Heap Memory exhaustion This issue affects Junos OS on MX Series: * all versions before 22.4R3-S8, * 23.2 versions before 23.2R2-S5, * 23.4 versions before 23.4R2-S6, * 24.2 versions before 24.2R2-S2, * 24.4 versions before 24.4R2, * 25.2 versions before 25.2R2.

References

URL

Tags

https://kb.juniper.net/JSA107821

vendor-advisory

Impacted products

	Vendor	Product	Version
	Juniper Networks	Junos OS	Version: 0 ≤ Version: 23.2 ≤ Version: 23.4 ≤ Version: 24.2 ≤ Version: 24.4 ≤ Version: 25.2 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33775",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-13T17:40:06.427057Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-13T18:06:19.695Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "MX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "22.4R3-S8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "23.2R2-S5",
              "status": "affected",
              "version": "23.2",
              "versionType": "semver"
            },
            {
              "lessThan": "23.4R2-S6",
              "status": "affected",
              "version": "23.4",
              "versionType": "semver"
            },
            {
              "lessThan": "24.2R2-S2",
              "status": "affected",
              "version": "24.2",
              "versionType": "semver"
            },
            {
              "lessThan": "24.4R2",
              "status": "affected",
              "version": "24.4",
              "versionType": "semver"
            },
            {
              "lessThan": "25.2R2",
              "status": "affected",
              "version": "25.2",
              "versionType": "semver"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A system is only affected, when packet-types is configured as follows:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e[ interface \u0026lt;interface\u0026gt; \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eauto-configure (\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003estacked-)vlan-ranges \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edynamic-profile \u0026lt;profile-name\u0026gt; \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eaccept \u0026lt;packet-type1\u0026gt; ]\u003cbr\u003e\u003c/span\u003e\u003c/tt\u003e\n\n\u003ctt\u003e\u003cbr\u003e\u003c/tt\u003ewhich allows packets of type 1 to be processed on receipt, but\u003cbr\u003e\u003cbr\u003e\u003ctt\u003e[ interfaces \u0026lt;interface\u0026gt;auto-configure (stacked-)vlan-ranges\u0026nbsp;authentication packet-types \u0026lt;packet-type2\u0026gt; ]\u003cbr\u003e\u003cbr\u003e\u003c/tt\u003eis a mismatch and doesn\u0027t require authentication for these packets.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "A system is only affected, when packet-types is configured as follows:\n\n\n\n[ interface \u003cinterface\u003e auto-configure (stacked-)vlan-ranges dynamic-profile \u003cprofile-name\u003e accept \u003cpacket-type1\u003e ]\n\n\n\nwhich allows packets of type 1 to be processed on receipt, but\n\n[ interfaces \u003cinterface\u003eauto-configure (stacked-)vlan-ranges\u00a0authentication packet-types \u003cpacket-type2\u003e ]\n\nis a mismatch and doesn\u0027t require authentication for these packets."
        }
      ],
      "datePublic": "2026-04-08T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon (bbe-smgd) of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).\u003cbr\u003e\u003cbr\u003eIf the authentication packet-type option is configured and a received packet does not match that packet type, the memory leak occurs. When all memory \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eavailable to bbe-smgd\u0026nbsp;\u003c/span\u003ehas been consumed, no new subscribers will be able to login.\u003cbr\u003e\u003cbr\u003eThe memory utilization of bbe-smgd can be monitored with the following show command:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003euser@host\u0026gt; show system processes extensive | match bbe-smgd\u003c/tt\u003e\u003cbr\u003e\u003cbr\u003eThe below log message can be observed when this limit has been reached:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003ebbesmgd[\u0026lt;PID\u0026gt;]: %DAEMON-3-SMD_DPROF_RSMON_ERROR: Resource unavailability, Reason: Daemon Heap Memory exhaustion\u003c/tt\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003eThis issue affects Junos OS on MX Series:\u003cbr\u003e\u003cul\u003e\u003cli\u003eall versions before 22.4R3-S8,\u003c/li\u003e\u003cli\u003e23.2 versions before 23.2R2-S5,\u003c/li\u003e\u003cli\u003e23.4 versions before 23.4R2-S6,\u003c/li\u003e\u003cli\u003e24.2 versions before 24.2R2-S2,\u003c/li\u003e\u003cli\u003e24.4 versions before 24.4R2,\u003c/li\u003e\u003cli\u003e25.2 versions before 25.2R2.\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
            }
          ],
          "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon (bbe-smgd) of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).\n\nIf the authentication packet-type option is configured and a received packet does not match that packet type, the memory leak occurs. When all memory \n\navailable to bbe-smgd\u00a0has been consumed, no new subscribers will be able to login.\n\nThe memory utilization of bbe-smgd can be monitored with the following show command:\n\nuser@host\u003e show system processes extensive | match bbe-smgd\n\nThe below log message can be observed when this limit has been reached:\n\nbbesmgd[\u003cPID\u003e]: %DAEMON-3-SMD_DPROF_RSMON_ERROR: Resource unavailability, Reason: Daemon Heap Memory exhaustion\n\n\nThis issue affects Junos OS on MX Series:\n  *  all versions before 22.4R3-S8,\n  *  23.2 versions before 23.2R2-S5,\n  *  23.4 versions before 23.4R2-S6,\n  *  24.2 versions before 24.2R2-S2,\n  *  24.4 versions before 24.4R2,\n  *  25.2 versions before 25.2R2."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "CWE-401 Missing Release of Memory after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-09T21:30:08.528Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://kb.juniper.net/JSA107821"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The following software releases have been updated to resolve this specific issue: 22.4R3-S8, 23.2R2-S5, 23.4R2-S6, 24.2R2-S2, 24.4R2, 25.2R2, 25.4R1, and all subsequent releases."
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue: 22.4R3-S8, 23.2R2-S5, 23.4R2-S6, 24.2R2-S2, 24.4R2, 25.2R2, 25.4R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA107821",
        "defect": [
          "1853434"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS: MX Series: Mismatch between configured and received packet types causes memory leak in bbe-smgd",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "There are no known workarounds for this issue."
            }
          ],
          "value": "There are no known workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2026-33775",
    "datePublished": "2026-04-09T21:30:08.528Z",
    "dateReserved": "2026-03-23T19:46:13.668Z",
    "dateUpdated": "2026-04-13T18:06:19.695Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CERTFR-2026-AVI-0408

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Juniper Networks	N/A	Junos OS versions 24.2 antérieures à 24.2R2-S4 sur SRX Series et MX Series
Juniper Networks	N/A	Junos OS versions 24.4R2 antérieures à 24.4R2-S3
Juniper Networks	N/A	Junos OS Evolved versions 23.4-EVO antérieures à 23.4R2-S8-EVO
Juniper Networks	N/A	Junos OS versions 22.4 antérieures à 22.4R3-S9 sur SRX Series
Juniper Networks	N/A	Junos OS Evolved versions 22.4R3 antérieures à 22.4R3-S8-EVO
Juniper Networks	N/A	Junos OS Evolved versions antérieures à 21.2R3-S8-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202
Juniper Networks	N/A	Junos OS versions 24.4R1 antérieures à 24.4R1-S3
Juniper Networks	N/A	Junos OS Evolved versions 24.4R1-EVO antérieures à 24.4R1-S3-EVO
Juniper Networks	N/A	Junos OS versions 21.4 antérieures à 21.4R3-S12 sur SRX Series
Juniper Networks	N/A	Junos OS Evolved versions 21.4-EVO antérieures à 21.4R3-S7-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202
Juniper Networks	N/A	Junos OS versions 23.4 antérieures à 23.4R2-S7
Juniper Networks	N/A	Junos OS versions 24.2 antérieures à 24.2R2-S3 sur SRX Series
Juniper Networks	N/A	Junos OS versions antérieures à 23.2R2-S6 sur SRX Series et MX Series
Juniper Networks	N/A	Junos OS Evolved versions 22.3-EVO antérieures à 22.3R3-S3-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202
Juniper Networks	N/A	Junos OS Evolved versions 22.4R3 antérieures à 22.4R3-S9-EVO sur PTX Series
Juniper Networks	N/A	Junos OS versions 23.4 antérieures à 23.4R2-S7 sur SRX Series
Juniper Networks	N/A	Junos OS versions 25.2R2 antérieures à 25.2R2
Juniper Networks	N/A	Junos OS versions 25.2R1 antérieures à 25.2R1-S2
Juniper Networks	N/A	Junos OS versions antérieures à 23.4R2-S7 sur SRX Series et MX Series
Juniper Networks	N/A	Junos OS versions 24.2R2 antérieures à 24.2R2-S4
Juniper Networks	N/A	Junos OS versions 23.2 antérieures à 23.2R2-S6 sur SRX Series
Juniper Networks	N/A	Junos OS Evolved versions 25.2R2-EVO antérieures à 25.2R2-EVO
Juniper Networks	N/A	Junos OS Evolved versions 24.2-EVO antérieures à 24.2R2-S4-EVO
Juniper Networks	N/A	Junos OS Evolved versions 22.4-EVO antérieures à 22.4R3-S2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202
Juniper Networks	N/A	Junos OS versions 21.2R3 antérieures à 21.2R3-S10 sur SRX Series
Juniper Networks	N/A	Junos OS versions 22.4 antérieures à 22.4R3-S9 sur SRX Series et MX Series
Juniper Networks	N/A	Junos OS versions 25.2 antérieures à 25.2R2 sur SRX Series et MX Series
Juniper Networks	N/A	Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S5-EVO
Juniper Networks	N/A	Junos OS versions 23.2R2 antérieures à 23.2R2-S7
Juniper Networks	N/A	JSI vLWC versions antérieures à 3.0.94
Juniper Networks	N/A	Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S6-EVO sur PTX Series
Juniper Networks	N/A	Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202
Juniper Networks	N/A	Junos OS versions 22.2 antérieures à 22.2R3-S8 sur SRX Series
Juniper Networks	N/A	Junos OS versions 22.4R3 antérieures à 22.4R3-S9
Juniper Networks	N/A	Junos OS Evolved versions 25.2R1-EVO antérieures à 25.2R1-S2-EVO
Juniper Networks	N/A	Junos OS Evolved versions 24.4R2-EVO antérieures à 24.4R2-S3-EVO
Juniper Networks	N/A	Junos OS Evolved versions 22.2-EVO antérieures à 22.2R3-S4-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper Networks JSA107868	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107864	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107863	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107823	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107822	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107872	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107869	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107821	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107865	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107810	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107871	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107820	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107815	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA106019	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107850	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107866	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107873	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107874	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107875	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107807	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107806	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA106016	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107819	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107862	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107870	2026-04-08	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS versions 24.2 ant\u00e9rieures \u00e0 24.2R2-S4 sur SRX Series et MX Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 24.4R2 ant\u00e9rieures \u00e0 24.4R2-S3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R2-S8-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S9 sur SRX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 22.4R3 ant\u00e9rieures \u00e0 22.4R3-S8-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 21.2R3-S8-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 24.4R1 ant\u00e9rieures \u00e0 24.4R1-S3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 24.4R1-EVO ant\u00e9rieures \u00e0 24.4R1-S3-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S12 sur SRX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 21.4-EVO ant\u00e9rieures \u00e0 21.4R3-S7-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R2-S7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 24.2 ant\u00e9rieures \u00e0 24.2R2-S3 sur SRX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 23.2R2-S6 sur SRX Series et MX Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R3-S3-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 22.4R3 ant\u00e9rieures \u00e0 22.4R3-S9-EVO sur PTX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R2-S7 sur SRX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 25.2R2 ant\u00e9rieures \u00e0 25.2R2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 25.2R1 ant\u00e9rieures \u00e0 25.2R1-S2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 23.4R2-S7 sur SRX Series et MX Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 24.2R2 ant\u00e9rieures \u00e0 24.2R2-S4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 23.2 ant\u00e9rieures \u00e0 23.2R2-S6 sur SRX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 25.2R2-EVO ant\u00e9rieures \u00e0 25.2R2-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 24.2-EVO ant\u00e9rieures \u00e0 24.2R2-S4-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R3-S2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 21.2R3 ant\u00e9rieures \u00e0 21.2R3-S10 sur SRX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS  versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S9 sur SRX Series et MX Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 25.2 ant\u00e9rieures \u00e0 25.2R2 sur SRX Series et MX Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-S5-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 23.2R2 ant\u00e9rieures \u00e0 23.2R2-S7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": " JSI vLWC versions ant\u00e9rieures \u00e0 3.0.94",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-S6-EVO sur PTX Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S8 sur SRX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 22.4R3 ant\u00e9rieures \u00e0 22.4R3-S9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 25.2R1-EVO ant\u00e9rieures \u00e0 25.2R1-S2-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 24.4R2-EVO ant\u00e9rieures \u00e0 24.4R2-S3-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 22.2-EVO ant\u00e9rieures \u00e0 22.2R3-S4-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-33773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33773"
    },
    {
      "name": "CVE-2026-33785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33785"
    },
    {
      "name": "CVE-2026-33780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33780"
    },
    {
      "name": "CVE-2022-24805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24805"
    },
    {
      "name": "CVE-2026-21919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21919"
    },
    {
      "name": "CVE-2026-33771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33771"
    },
    {
      "name": "CVE-2025-30650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30650"
    },
    {
      "name": "CVE-2026-33797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33797"
    },
    {
      "name": "CVE-2026-33779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33779"
    },
    {
      "name": "CVE-2025-13914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13914"
    },
    {
      "name": "CVE-2026-33784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33784"
    },
    {
      "name": "CVE-2026-33786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33786"
    },
    {
      "name": "CVE-2026-33776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33776"
    },
    {
      "name": "CVE-2026-21916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21916"
    },
    {
      "name": "CVE-2026-33781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33781"
    },
    {
      "name": "CVE-2026-33787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33787"
    },
    {
      "name": "CVE-2026-33778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33778"
    },
    {
      "name": "CVE-2026-33791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33791"
    },
    {
      "name": "CVE-2026-33790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33790"
    },
    {
      "name": "CVE-2026-33783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33783"
    },
    {
      "name": "CVE-2026-33774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33774"
    },
    {
      "name": "CVE-2026-33775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33775"
    },
    {
      "name": "CVE-2026-33788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33788"
    },
    {
      "name": "CVE-2026-33782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33782"
    },
    {
      "name": "CVE-2026-21915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21915"
    }
  ],
  "initial_release_date": "2026-04-09T00:00:00",
  "last_revision_date": "2026-04-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0408",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-04-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
  "vendor_advisories": [
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107868",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-MX-Series-When-a-specifically-malformed-first-ISAKMP-packet-is-received-kmd-iked-crashes-CVE-2026-33778"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107864",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-CTP-OS-Configuring-password-requirements-does-not-work-which-permits-the-use-of-weak-passwords-CVE-2026-33771"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107863",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Privileged-local-user-can-gain-access-to-a-Linux-based-FPC-as-root-CVE-2025-30650"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107823",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-Insufficient-certificate-verification-for-device-to-SD-cloud-communication-CVE-2026-33779"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107822",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-CVE-2022-24805-resolved-in-net-SNMP"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107872",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Missing-Authorization-for-specific-request-CLI-commands-in-a-JDM-CSDS-scenario-CVE-2026-33785"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107869",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-EX-Series-QFX-Series-In-a-VXLAN-scenario-when-specific-control-protocol-packets-are-received-memory-leaks-and-eventually-no-traffic-is-passed-CVE-2026-33781"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107821",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Mismatch-between-configured-and-received-packet-types-causes-memory-leak-in-bbe-smgd-CVE-2026-33775"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107865",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Firewall-filters-on-lo0-non-0-in-the-default-routing-instance-are-not-in-effect-CVE-2026-33774"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107810",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX1600-SRX2300-SRX4300-When-a-specific-show-command-is-executed-chassisd-crashes-CVE-2026-33786"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107871",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-vLWC-Default-password-is-not-required-to-be-changed-which-allows-unauthorized-high-privileged-access-CVE-2026-33784"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107820",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-In-specific-DHCPv6-scenarios-jdhcpd-memory-increases-continuously-with-subscriber-logouts-CVE-2026-33782"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107815",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-EX-Series-QFX-Series-If-the-same-egress-filter-is-configured-on-both-an-IRB-and-a-physical-interface-one-of-those-is-not-applied-CVE-2026-33773"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA106019",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-high-frequency-of-connecting-and-disconnecting-netconf-sessions-causes-management-unavailability-CVE-2026-21919"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107850",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-attacker-sending-a-specific-genuine-BGP-packet-causes-a-BGP-reset-CVE-2026-33797"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107866",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Specific-low-privileged-CLI-command-exposes-sensitive-information-CVE-2026-33776"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107873",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX1500-SRX4100-SRX4200-SRX4600-When-a-specific-show-command-is-executed-chassisd-crashes-CVE-2026-33787"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107874",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-In-a-NAT64-configuration-receipt-of-a-specific-malformed-ICMPv6-packet-will-cause-the-srxpfe-process-to-crash-and-restart-CVE-2026-33790"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107875",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Execution-of-crafted-CLI-commands-allows-for-arbitrary-shell-injection-as-root-CVE-2026-33791"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107807",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-A-low-privileged-user-can-escalate-their-privileges-so-that-they-can-login-as-root-CVE-2026-21916"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107806",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Evolved-Local-authenticated-attackers-can-gain-access-to-FPCs-CVE-2026-33788"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA106016",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-JSI-Virtual-Lightweight-Collector-Shell-escape-allows-privilege-escalation-to-root-CVE-2026-21915"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107819",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-EVPN-MPLS-scenario-churn-of-ESI-routes-causes-a-memory-leak-in-l2ald-CVE-2026-33780"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107862",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Apstra-SSH-host-key-validation-vulnerability-for-managed-devices-CVE-2025-13914"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107870",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Evolved-PTX-Series-If-SRTE-tunnels-provisioned-via-PCEP-are-present-and-specific-gRPC-queries-are-received-evo-aftman-crashes-CVE-2026-33783"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2026-33775 (GCVE-0-2026-33775)

Vulnerability from cvelistv5

CERTFR-2026-AVI-0408

Vulnerability from certfr_avis

Solutions

Tags

Sightings

Nomenclature