cvelistv5 - cve-2026-33787

CVE-2026-33787 (GCVE-0-2026-33787)

Vulnerability from cvelistv5

Published

2026-04-09 21:37

Modified

2026-04-13 18:06

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.8 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M

CWE

CWE-754 - Improper Check for Unusual or Exceptional Conditions

Summary

An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600 allows a local attacker with low privileges to cause a complete Denial of Service (DoS). When a specific 'show chassis' CLI command is executed, chassisd crashes and restarts which causes a momentary impact to all traffic until all modules are online again. This issue affects Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600: * 23.2 versions before 23.2R2-S6, * 23.4 versions before 23.4R2-S7 * 24.2 versions before 24.2R2-S2, * 24.4 versions before 24.4R2, * 25.2 versions before 25.2R1-S1, 25.2R2.

References

URL

Tags

https://kb.juniper.net/JSA107873

vendor-advisory

Impacted products

	Vendor	Product	Version
	Juniper Networks	Junos OS	Version: 0 ≤ Version: 23.4 ≤ Version: 24.2 ≤ Version: 24.4 ≤ Version: 25.2 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33787",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-13T17:50:04.608156Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-13T18:06:18.752Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "SRX1500",
            "SRX4100",
            "SRX4200",
            "SRX4600"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "23.2R2-S6",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "23.4R2-S7",
              "status": "affected",
              "version": "23.4",
              "versionType": "semver"
            },
            {
              "lessThan": "24.2R2-S2",
              "status": "affected",
              "version": "24.2",
              "versionType": "semver"
            },
            {
              "lessThan": "24.4R2",
              "status": "affected",
              "version": "24.4",
              "versionType": "semver"
            },
            {
              "lessThan": "25.2R1-S1, 25.2R2",
              "status": "affected",
              "version": "25.2",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2026-04-08T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600 allows a local attacker with low privileges to cause a complete Denial of Service (DoS).\u003cbr\u003e\u003cbr\u003eWhen a specific \u0027show chassis\u0027 CLI command is executed, chassisd crashes and restarts which causes a momentary impact to all traffic until all modules are online again.\u003cbr\u003e\u003cbr\u003e\n\n\u003cp\u003eThis issue affects Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600:\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e23.2 versions before\u0026nbsp;23.2R2-S6,\u003c/li\u003e\u003cli\u003e23.4 versions before\u0026nbsp;23.4R2-S7\u003c/li\u003e\u003cli\u003e24.2 versions before 24.2R2-S2,\u003c/li\u003e\u003cli\u003e24.4 versions before 24.4R2,\u003c/li\u003e\u003cli\u003e25.2 versions before 25.2R1-S1, 25.2R2.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600 allows a local attacker with low privileges to cause a complete Denial of Service (DoS).\n\nWhen a specific \u0027show chassis\u0027 CLI command is executed, chassisd crashes and restarts which causes a momentary impact to all traffic until all modules are online again.\n\n\n\nThis issue affects Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600:\u00a0\n\n\n\n  *  23.2 versions before\u00a023.2R2-S6,\n  *  23.4 versions before\u00a023.4R2-S7\n  *  24.2 versions before 24.2R2-S2,\n  *  24.4 versions before 24.4R2,\n  *  25.2 versions before 25.2R1-S1, 25.2R2."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-09T21:37:31.411Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://kb.juniper.net/JSA107873"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The following software releases have been updated to resolve this specific issue:\u0026nbsp;23.2R2-S6, 23.4R2-S7, 24.2R2-S2, 24.4R2, 25.2R1-S1, 25.2R2, 25.4R1, and all subsequent releases."
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue:\u00a023.2R2-S6, 23.4R2-S7, 24.2R2-S2, 24.4R2, 25.2R1-S1, 25.2R2, 25.4R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA107873",
        "defect": [
          "1890087"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specific show command is executed chassisd crashes",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.\u003cbr\u003e\u003cbr\u003eUtilize CLI authorization to disallow execution of the \u0027show chassis\u0027 command.\u003cbr\u003e"
            }
          ],
          "value": "Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.\n\nUtilize CLI authorization to disallow execution of the \u0027show chassis\u0027 command."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2026-33787",
    "datePublished": "2026-04-09T21:37:31.411Z",
    "dateReserved": "2026-03-23T19:46:13.671Z",
    "dateUpdated": "2026-04-13T18:06:18.752Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-33787\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-13T17:50:04.608156Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-13T17:58:18.320Z\"}}], \"cna\": {\"title\": \"Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specific show command is executed chassisd crashes\", \"source\": {\"defect\": [\"1890087\"], \"advisory\": \"JSA107873\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 6.8, \"Automatable\": \"YES\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"LOW\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Juniper Networks\", \"product\": \"Junos OS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"23.2R2-S6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.4\", \"lessThan\": \"23.4R2-S7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"24.2\", \"lessThan\": \"24.2R2-S2\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"24.4\", \"lessThan\": \"24.4R2\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"25.2\", \"lessThan\": \"25.2R1-S1, 25.2R2\", \"versionType\": \"semver\"}], \"platforms\": [\"SRX1500\", \"SRX4100\", \"SRX4200\", \"SRX4600\"], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"base64\": false}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"The following software releases have been updated to resolve this specific issue:\\u00a023.2R2-S6, 23.4R2-S7, 24.2R2-S2, 24.4R2, 25.2R1-S1, 25.2R2, 25.4R1, and all subsequent releases.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The following software releases have been updated to resolve this specific issue:\u0026nbsp;23.2R2-S6, 23.4R2-S7, 24.2R2-S2, 24.4R2, 25.2R1-S1, 25.2R2, 25.4R1, and all subsequent releases.\", \"base64\": false}]}], \"datePublic\": \"2026-04-08T16:00:00.000Z\", \"references\": [{\"url\": \"https://kb.juniper.net/JSA107873\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.\\n\\nUtilize CLI authorization to disallow execution of the \u0027show chassis\u0027 command.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.\u003cbr\u003e\u003cbr\u003eUtilize CLI authorization to disallow execution of the \u0027show chassis\u0027 command.\u003cbr\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600 allows a local attacker with low privileges to cause a complete Denial of Service (DoS).\\n\\nWhen a specific \u0027show chassis\u0027 CLI command is executed, chassisd crashes and restarts which causes a momentary impact to all traffic until all modules are online again.\\n\\n\\n\\nThis issue affects Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600:\\u00a0\\n\\n\\n\\n  *  23.2 versions before\\u00a023.2R2-S6,\\n  *  23.4 versions before\\u00a023.4R2-S7\\n  *  24.2 versions before 24.2R2-S2,\\n  *  24.4 versions before 24.4R2,\\n  *  25.2 versions before 25.2R1-S1, 25.2R2.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600 allows a local attacker with low privileges to cause a complete Denial of Service (DoS).\u003cbr\u003e\u003cbr\u003eWhen a specific \u0027show chassis\u0027 CLI command is executed, chassisd crashes and restarts which causes a momentary impact to all traffic until all modules are online again.\u003cbr\u003e\u003cbr\u003e\\n\\n\u003cp\u003eThis issue affects Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600:\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e23.2 versions before\u0026nbsp;23.2R2-S6,\u003c/li\u003e\u003cli\u003e23.4 versions before\u0026nbsp;23.4R2-S7\u003c/li\u003e\u003cli\u003e24.2 versions before 24.2R2-S2,\u003c/li\u003e\u003cli\u003e24.4 versions before 24.4R2,\u003c/li\u003e\u003cli\u003e25.2 versions before 25.2R1-S1, 25.2R2.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-754\", \"description\": \"CWE-754 Improper Check for Unusual or Exceptional Conditions\"}]}], \"providerMetadata\": {\"orgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"shortName\": \"juniper\", \"dateUpdated\": \"2026-04-09T21:37:31.411Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-33787\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-13T18:06:18.752Z\", \"dateReserved\": \"2026-03-23T19:46:13.671Z\", \"assignerOrgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"datePublished\": \"2026-04-09T21:37:31.411Z\", \"assignerShortName\": \"juniper\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2026-AVI-0408

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Juniper Networks	N/A	Junos OS versions 24.2 antérieures à 24.2R2-S4 sur SRX Series et MX Series
Juniper Networks	N/A	Junos OS versions 24.4R2 antérieures à 24.4R2-S3
Juniper Networks	N/A	Junos OS Evolved versions 23.4-EVO antérieures à 23.4R2-S8-EVO
Juniper Networks	N/A	Junos OS versions 22.4 antérieures à 22.4R3-S9 sur SRX Series
Juniper Networks	N/A	Junos OS Evolved versions 22.4R3 antérieures à 22.4R3-S8-EVO
Juniper Networks	N/A	Junos OS Evolved versions antérieures à 21.2R3-S8-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202
Juniper Networks	N/A	Junos OS versions 24.4R1 antérieures à 24.4R1-S3
Juniper Networks	N/A	Junos OS Evolved versions 24.4R1-EVO antérieures à 24.4R1-S3-EVO
Juniper Networks	N/A	Junos OS versions 21.4 antérieures à 21.4R3-S12 sur SRX Series
Juniper Networks	N/A	Junos OS Evolved versions 21.4-EVO antérieures à 21.4R3-S7-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202
Juniper Networks	N/A	Junos OS versions 23.4 antérieures à 23.4R2-S7
Juniper Networks	N/A	Junos OS versions 24.2 antérieures à 24.2R2-S3 sur SRX Series
Juniper Networks	N/A	Junos OS versions antérieures à 23.2R2-S6 sur SRX Series et MX Series
Juniper Networks	N/A	Junos OS Evolved versions 22.3-EVO antérieures à 22.3R3-S3-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202
Juniper Networks	N/A	Junos OS Evolved versions 22.4R3 antérieures à 22.4R3-S9-EVO sur PTX Series
Juniper Networks	N/A	Junos OS versions 23.4 antérieures à 23.4R2-S7 sur SRX Series
Juniper Networks	N/A	Junos OS versions 25.2R2 antérieures à 25.2R2
Juniper Networks	N/A	Junos OS versions 25.2R1 antérieures à 25.2R1-S2
Juniper Networks	N/A	Junos OS versions antérieures à 23.4R2-S7 sur SRX Series et MX Series
Juniper Networks	N/A	Junos OS versions 24.2R2 antérieures à 24.2R2-S4
Juniper Networks	N/A	Junos OS versions 23.2 antérieures à 23.2R2-S6 sur SRX Series
Juniper Networks	N/A	Junos OS Evolved versions 25.2R2-EVO antérieures à 25.2R2-EVO
Juniper Networks	N/A	Junos OS Evolved versions 24.2-EVO antérieures à 24.2R2-S4-EVO
Juniper Networks	N/A	Junos OS Evolved versions 22.4-EVO antérieures à 22.4R3-S2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202
Juniper Networks	N/A	Junos OS versions 21.2R3 antérieures à 21.2R3-S10 sur SRX Series
Juniper Networks	N/A	Junos OS versions 22.4 antérieures à 22.4R3-S9 sur SRX Series et MX Series
Juniper Networks	N/A	Junos OS versions 25.2 antérieures à 25.2R2 sur SRX Series et MX Series
Juniper Networks	N/A	Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S5-EVO
Juniper Networks	N/A	Junos OS versions 23.2R2 antérieures à 23.2R2-S7
Juniper Networks	N/A	JSI vLWC versions antérieures à 3.0.94
Juniper Networks	N/A	Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S6-EVO sur PTX Series
Juniper Networks	N/A	Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202
Juniper Networks	N/A	Junos OS versions 22.2 antérieures à 22.2R3-S8 sur SRX Series
Juniper Networks	N/A	Junos OS versions 22.4R3 antérieures à 22.4R3-S9
Juniper Networks	N/A	Junos OS Evolved versions 25.2R1-EVO antérieures à 25.2R1-S2-EVO
Juniper Networks	N/A	Junos OS Evolved versions 24.4R2-EVO antérieures à 24.4R2-S3-EVO
Juniper Networks	N/A	Junos OS Evolved versions 22.2-EVO antérieures à 22.2R3-S4-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper Networks JSA107868	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107864	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107863	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107823	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107822	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107872	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107869	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107821	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107865	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107810	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107871	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107820	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107815	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA106019	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107850	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107866	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107873	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107874	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107875	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107807	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107806	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA106016	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107819	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107862	2026-04-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA107870	2026-04-08	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS versions 24.2 ant\u00e9rieures \u00e0 24.2R2-S4 sur SRX Series et MX Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 24.4R2 ant\u00e9rieures \u00e0 24.4R2-S3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R2-S8-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S9 sur SRX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 22.4R3 ant\u00e9rieures \u00e0 22.4R3-S8-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 21.2R3-S8-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 24.4R1 ant\u00e9rieures \u00e0 24.4R1-S3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 24.4R1-EVO ant\u00e9rieures \u00e0 24.4R1-S3-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S12 sur SRX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 21.4-EVO ant\u00e9rieures \u00e0 21.4R3-S7-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R2-S7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 24.2 ant\u00e9rieures \u00e0 24.2R2-S3 sur SRX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 23.2R2-S6 sur SRX Series et MX Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R3-S3-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 22.4R3 ant\u00e9rieures \u00e0 22.4R3-S9-EVO sur PTX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R2-S7 sur SRX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 25.2R2 ant\u00e9rieures \u00e0 25.2R2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 25.2R1 ant\u00e9rieures \u00e0 25.2R1-S2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 23.4R2-S7 sur SRX Series et MX Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 24.2R2 ant\u00e9rieures \u00e0 24.2R2-S4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 23.2 ant\u00e9rieures \u00e0 23.2R2-S6 sur SRX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 25.2R2-EVO ant\u00e9rieures \u00e0 25.2R2-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 24.2-EVO ant\u00e9rieures \u00e0 24.2R2-S4-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R3-S2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 21.2R3 ant\u00e9rieures \u00e0 21.2R3-S10 sur SRX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS  versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S9 sur SRX Series et MX Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 25.2 ant\u00e9rieures \u00e0 25.2R2 sur SRX Series et MX Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-S5-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 23.2R2 ant\u00e9rieures \u00e0 23.2R2-S7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": " JSI vLWC versions ant\u00e9rieures \u00e0 3.0.94",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-S6-EVO sur PTX Series",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S8 sur SRX Series ",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 22.4R3 ant\u00e9rieures \u00e0 22.4R3-S9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 25.2R1-EVO ant\u00e9rieures \u00e0 25.2R1-S2-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 24.4R2-EVO ant\u00e9rieures \u00e0 24.4R2-S3-EVO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 22.2-EVO ant\u00e9rieures \u00e0 22.2R3-S4-EVO sur PTX10004, PTX10008, PTX100016 avec JNP10K-LC1201 ou JNP10K-LC1202",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-33773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33773"
    },
    {
      "name": "CVE-2026-33785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33785"
    },
    {
      "name": "CVE-2026-33780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33780"
    },
    {
      "name": "CVE-2022-24805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24805"
    },
    {
      "name": "CVE-2026-21919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21919"
    },
    {
      "name": "CVE-2026-33771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33771"
    },
    {
      "name": "CVE-2025-30650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30650"
    },
    {
      "name": "CVE-2026-33797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33797"
    },
    {
      "name": "CVE-2026-33779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33779"
    },
    {
      "name": "CVE-2025-13914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13914"
    },
    {
      "name": "CVE-2026-33784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33784"
    },
    {
      "name": "CVE-2026-33786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33786"
    },
    {
      "name": "CVE-2026-33776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33776"
    },
    {
      "name": "CVE-2026-21916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21916"
    },
    {
      "name": "CVE-2026-33781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33781"
    },
    {
      "name": "CVE-2026-33787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33787"
    },
    {
      "name": "CVE-2026-33778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33778"
    },
    {
      "name": "CVE-2026-33791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33791"
    },
    {
      "name": "CVE-2026-33790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33790"
    },
    {
      "name": "CVE-2026-33783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33783"
    },
    {
      "name": "CVE-2026-33774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33774"
    },
    {
      "name": "CVE-2026-33775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33775"
    },
    {
      "name": "CVE-2026-33788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33788"
    },
    {
      "name": "CVE-2026-33782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33782"
    },
    {
      "name": "CVE-2026-21915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21915"
    }
  ],
  "initial_release_date": "2026-04-09T00:00:00",
  "last_revision_date": "2026-04-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0408",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-04-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
  "vendor_advisories": [
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107868",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-MX-Series-When-a-specifically-malformed-first-ISAKMP-packet-is-received-kmd-iked-crashes-CVE-2026-33778"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107864",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-CTP-OS-Configuring-password-requirements-does-not-work-which-permits-the-use-of-weak-passwords-CVE-2026-33771"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107863",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Privileged-local-user-can-gain-access-to-a-Linux-based-FPC-as-root-CVE-2025-30650"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107823",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-Insufficient-certificate-verification-for-device-to-SD-cloud-communication-CVE-2026-33779"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107822",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-CVE-2022-24805-resolved-in-net-SNMP"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107872",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Missing-Authorization-for-specific-request-CLI-commands-in-a-JDM-CSDS-scenario-CVE-2026-33785"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107869",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-EX-Series-QFX-Series-In-a-VXLAN-scenario-when-specific-control-protocol-packets-are-received-memory-leaks-and-eventually-no-traffic-is-passed-CVE-2026-33781"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107821",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Mismatch-between-configured-and-received-packet-types-causes-memory-leak-in-bbe-smgd-CVE-2026-33775"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107865",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-Firewall-filters-on-lo0-non-0-in-the-default-routing-instance-are-not-in-effect-CVE-2026-33774"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107810",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX1600-SRX2300-SRX4300-When-a-specific-show-command-is-executed-chassisd-crashes-CVE-2026-33786"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107871",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-vLWC-Default-password-is-not-required-to-be-changed-which-allows-unauthorized-high-privileged-access-CVE-2026-33784"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107820",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-MX-Series-In-specific-DHCPv6-scenarios-jdhcpd-memory-increases-continuously-with-subscriber-logouts-CVE-2026-33782"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107815",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-EX-Series-QFX-Series-If-the-same-egress-filter-is-configured-on-both-an-IRB-and-a-physical-interface-one-of-those-is-not-applied-CVE-2026-33773"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA106019",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-high-frequency-of-connecting-and-disconnecting-netconf-sessions-causes-management-unavailability-CVE-2026-21919"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107850",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-attacker-sending-a-specific-genuine-BGP-packet-causes-a-BGP-reset-CVE-2026-33797"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107866",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Specific-low-privileged-CLI-command-exposes-sensitive-information-CVE-2026-33776"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107873",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX1500-SRX4100-SRX4200-SRX4600-When-a-specific-show-command-is-executed-chassisd-crashes-CVE-2026-33787"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107874",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-SRX-Series-In-a-NAT64-configuration-receipt-of-a-specific-malformed-ICMPv6-packet-will-cause-the-srxpfe-process-to-crash-and-restart-CVE-2026-33790"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107875",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Execution-of-crafted-CLI-commands-allows-for-arbitrary-shell-injection-as-root-CVE-2026-33791"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107807",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-A-low-privileged-user-can-escalate-their-privileges-so-that-they-can-login-as-root-CVE-2026-21916"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107806",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Evolved-Local-authenticated-attackers-can-gain-access-to-FPCs-CVE-2026-33788"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA106016",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-JSI-Virtual-Lightweight-Collector-Shell-escape-allows-privilege-escalation-to-root-CVE-2026-21915"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107819",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-EVPN-MPLS-scenario-churn-of-ESI-routes-causes-a-memory-leak-in-l2ald-CVE-2026-33780"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107862",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Apstra-SSH-host-key-validation-vulnerability-for-managed-devices-CVE-2025-13914"
    },
    {
      "published_at": "2026-04-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA107870",
      "url": "https://supportportal.juniper.net/s/article/2026-04-Security-Bulletin-Junos-OS-Evolved-PTX-Series-If-SRTE-tunnels-provisioned-via-PCEP-are-present-and-specific-gRPC-queries-are-received-evo-aftman-crashes-CVE-2026-33783"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2026-33787 (GCVE-0-2026-33787)

Vulnerability from cvelistv5

CERTFR-2026-AVI-0408

Vulnerability from certfr_avis

Solutions

Tags

Sightings

Nomenclature