← Back

CVE-2026-33803

nvd nist
Published: Jul 9, 2026Modified: Jul 13, 2026

JSON object

Loading...
6.9
Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:X
Show more
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:XShow less
Source: sirt@juniper.net (Secondary)

Description

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong initialization, a process which should only be able to communicate internally within the device can be reached over the network via an open port. This leads to a device being inadvertently exposed and increased CPU cycles spent processing ingress packets. This issue affects Junos OS Evolved: * all versions before 23.2R2-S7-EVO, * 23.4 versions before 23.4R2-S8-EVO, * 24.2 versions before 24.2R2-S5-EVO, * 24.4 versions before 24.4R2-S4-EVO, * 25.2 versions before 25.2R2-S1-EVO, * 25.4 versions before 25.4R1-S2-EVO.

Affected (48)

1 product
Junos Os Evolved
Configuration A
48 vulnerable
Vulnerable SoftwareAffected Versions
Juniper
Before 23.2
Version 23.2
Version 23.2 r1-s1
Version 23.2 r1-s2
Version 23.2 r1
Version 23.2 r2-s1
Version 23.2 r2-s2
Version 23.2 r2-s3
Version 23.2 r2-s4
Version 23.2 r2-s5
Version 23.2 r2-s6
Version 23.2 r2
Version 23.4
Version 23.4 r1-s1
Version 23.4 r1-s2
Version 23.4 r1
Version 23.4 r2-s1
Version 23.4 r2-s2
Version 23.4 r2-s3
Version 23.4 r2-s4
Version 23.4 r2-s5
Version 23.4 r2-s6
Version 23.4 r2-s7
Version 23.4 r2
Version 24.2
Version 24.2 r1-s2
Version 24.2 r1
Version 24.2 r2-s1
Version 24.2 r2-s2
Version 24.2 r2-s3
Version 24.2 r2-s4
Version 24.2 r2
Version 24.4
Version 24.4 r1-s2
Version 24.4 r1-s3
Version 24.4 r1
Version 24.4 r2-s1
Version 24.4 r2-s2
Version 24.4 r2-s3
Version 24.4 r2
Version 25.2
Version 25.2 r1-s1
Version 25.2 r1-s2
Version 25.2 r1
Version 25.2 r2
Version 25.4
Version 25.4 r1-s1
Version 25.4 r1

References (1)

Source: sirt@juniper.net
Vendor Advisory

Timeline

No history available yet.