{ "document" : { "aggregate_severity" : { "text" : "hoch" }, "category" : "csaf_base", "csaf_version" : "2.0", "distribution" : { "tlp" : { "label" : "WHITE", "url" : "https://www.first.org/tlp/" } }, "lang" : "de-DE", "notes" : [ { "category" : "legal_disclaimer", "text" : "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen." }, { "category" : "description", "text" : "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.\r\nJunos Space ist eine Software-Plattform, die eine Reihe von Applikationen für das Netzwerkmanagement beinhaltet.", "title" : "Produktbeschreibung" }, { "category" : "summary", "text" : "Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS und Juniper Junos Space ausnutzen, um falsche Informationen darzustellen, beliebigen Code mit Root-Rechten auszuführen, Daten zu manipulieren, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand zu verursachen.", "title" : "Angriff" }, { "category" : "general", "text" : "- Sonstiges\n- UNIX", "title" : "Betroffene Betriebssysteme" } ], "publisher" : { "category" : "other", "contact_details" : "csaf-provider@cert-bund.de", "name" : "Bundesamt für Sicherheit in der Informationstechnik", "namespace" : "https://www.bsi.bund.de" }, "references" : [ { "category" : "self", "summary" : "WID-SEC-W-2026-0117 - CSAF Version", "url" : "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0117.json" }, { "category" : "self", "summary" : "WID-SEC-2026-0117 - Portal Version", "url" : "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0117" }, { "category" : "external", "summary" : "Juniper Patchday vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/global-search/%40uri#sortCriteria=date%20descending&f-sf_primarysourcename=Knowledge&f-sf_articletype=Security%20Advisories&numberOfResults=100" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-BGP-update-with-a-set-of-specific-attributes-causes-rpd-crash-CVE-2025-60003" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-DHCP-Option-82-messages-from-clients-being-passed-unmodified-to-the-DHCP-server-CVE-2025-59960" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Executing-a-specific-show-command-leads-to-an-rpd-crash-CVE-2025-59959" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Optional-transitive-BGP-attribute-is-modified-before-propagation-to-peers-causing-sessions-to-flap-CVE-2025-60011" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-specific-IS-IS-update-packet-causes-memory-leak-leading-to-RPD-crash-CVE-2026-21909" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Unix-socket-used-to-control-the-jdhcpd-process-is-world-writable-CVE-2025-59961" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Use-after-free-vulnerability-In-802-1X-authentication-daemon-can-cause-crash-of-the-dot1xd-process-CVE-2026-21908" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-telemetry-collectors-are-frequently-subscribing-and-unsubscribing-to-sensors-chassisd-or-rpd-will-crash-CVE-2026-21921" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-A-specifically-crafted-show-chassis-command-causes-chassisd-to-crash-CVE-2025-60007" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-Evolved-A-Linux-kernel-vulnerability-in-the-HID-driver-allows-an-attacker-to-read-information-from-the-HID-Report-buffer-CVE-2024-50302" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-Evolved-Flapping-management-interface-causes-MAC-learning-on-label-switched-interfaces-to-stop-CVE-2026-21911" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-EX4000-A-high-volume-of-traffic-destinated-to-the-device-leads-to-a-crash-and-restart-CVE-2026-21913" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-EX4k-Series-QFX5k-Series-In-an-EVPN-VXLAN-configuration-link-flaps-cause-Inter-VNI-traffic-drop-CVE-2026-21910" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-MX10k-Series-show-system-firmware-CLI-command-may-lead-to-LC480-or-LC2101-line-card-reset-CVE-2026-21912" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-Receipt-of-a-specifically-malformed-ICMP-packet-causes-an-FPC-restart-CVE-2026-0203" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-and-MX-Series-When-TCP-packets-occur-in-a-specific-sequence-flowd-crashes-CVE-2026-21918" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-Series-A-specifically-malformed-GTP-message-will-cause-an-FPC-crash-CVE-2026-21914" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-Series-If-a-specific-request-is-processed-by-the-DNS-subsystem-flowd-will-crash-CVE-2026-21920" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-Series-MX-Series-with-MX-SPC3-or-MS-MPC-Receipt-of-multiple-specific-SIP-messages-results-in-flow-management-process-crash-CVE-2026-21905" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-Series-Specifically-malformed-SSL-packet-causes-FPC-crash-CVE-2026-21917" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-Series-With-GRE-performance-acceleration-enabled-receipt-of-a-specific-ICMP-packet-causes-the-PFE-to-crash-CVE-2026-21906" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-Subscribing-to-telemetry-sensors-at-scale-causes-all-FPCs-to-crash-CVE-2026-21903" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-Space-TLS-SSL-server-supports-use-of-static-key-ciphers-ssl-static-key-ciphers-CVE-2026-21907" }, { "category" : "external", "summary" : "Juniper Security Advisories vom 2026-01-14", "url" : "https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Paragon-Automation-A-clickjacking-vulnerability-in-the-web-server-configuration-has-been-addressed-CVE-2025-52987" } ], "source_lang" : "en-US", "title" : "Juniper Junos OS, Junos Space: Mehrere Schwachstellen", "tracking" : { "current_release_date" : "2026-01-15T23:00:00.000+00:00", "generator" : { "date" : "2026-01-16T09:16:13.074+00:00", "engine" : { "name" : "BSI-WID", "version" : "1.5.0" } }, "id" : "WID-SEC-W-2026-0117", "initial_release_date" : "2026-01-14T23:00:00.000+00:00", "revision_history" : [ { "date" : "2026-01-14T23:00:00.000+00:00", "number" : "1", "summary" : "Initiale Fassung" }, { "date" : "2026-01-15T23:00:00.000+00:00", "number" : "2", "summary" : "Referenz(en) aufgenommen: EUVD-2026-2697, EUVD-2026-2689, EUVD-2026-2683, EUVD-2026-2700, EUVD-2026-2692, EUVD-2026-2681, EUVD-2026-2713, EUVD-2026-2703, EUVD-2026-2702, EUVD-2026-2685, EUVD-2026-2693, EUVD-2026-2696, EUVD-2026-2694, EUVD-2026-2682, EUVD-2026-2690, EUVD-2026-2688, EUVD-2026-2698, EUVD-2026-2687, EUVD-2026-2718, EUVD-2026-2705, EUVD-2026-2709, EUVD-2026-2712, EUVD-2026-2699" } ], "status" : "final", "version" : "2" } }, "product_tree" : { "branches" : [ { "branches" : [ { "branches" : [ { "category" : "product_version_range", "name" : "Paragon Automation (Pathfinder, Planner, Insights) <24.1.1", "product" : { "name" : "Juniper JUNOS Paragon Automation (Pathfinder, Planner, Insights) <24.1.1", "product_id" : "T049965" } }, { "category" : "product_version", "name" : "Paragon Automation (Pathfinder, Planner, Insights) 24.1.1", "product" : { "name" : "Juniper JUNOS Paragon Automation (Pathfinder, Planner, Insights) 24.1.1", "product_id" : "T049965-fixed", "product_identification_helper" : { "cpe" : "cpe:/o:juniper:junos:paragon_automation_%2528pathfinder_planner_insights%2529__24.1.1" } } }, { "category" : "product_version", "name" : "OS SRX Series", "product" : { "name" : "Juniper JUNOS OS SRX Series", "product_id" : "T049977", "product_identification_helper" : { "cpe" : "cpe:/o:juniper:junos:os_srx_series" } } }, { "category" : "product_version", "name" : "OS", "product" : { "name" : "Juniper JUNOS OS", "product_id" : "T049978", "product_identification_helper" : { "cpe" : "cpe:/o:juniper:junos:os" } } }, { "category" : "product_version", "name" : "OS Evolved", "product" : { "name" : "Juniper JUNOS OS Evolved", "product_id" : "T049979", "product_identification_helper" : { "cpe" : "cpe:/o:juniper:junos:os_evolved" } } }, { "category" : "product_version", "name" : "OS EX4000", "product" : { "name" : "Juniper JUNOS OS EX4000", "product_id" : "T049980", "product_identification_helper" : { "cpe" : "cpe:/o:juniper:junos:os_ex4000" } } }, { "category" : "product_version", "name" : "OS EX4k Series", "product" : { "name" : "Juniper JUNOS OS EX4k Series", "product_id" : "T049981", "product_identification_helper" : { "cpe" : "cpe:/o:juniper:junos:os_ex4k_series" } } }, { "category" : "product_version", "name" : "OS QFX5k", "product" : { "name" : "Juniper JUNOS OS QFX5k", "product_id" : "T049982", "product_identification_helper" : { "cpe" : "cpe:/o:juniper:junos:os_qfx5k" } } }, { "category" : "product_version", "name" : "OS MX10k Series", "product" : { "name" : "Juniper JUNOS OS MX10k Series", "product_id" : "T049983", "product_identification_helper" : { "cpe" : "cpe:/o:juniper:junos:os_mx10k_series" } } }, { "category" : "product_version", "name" : "OS SRX and MX Series", "product" : { "name" : "Juniper JUNOS OS SRX and MX Series", "product_id" : "T049984", "product_identification_helper" : { "cpe" : "cpe:/o:juniper:junos:os_srx_and_mx_series" } } }, { "category" : "product_version", "name" : "OS MX Series with MX-SPC3", "product" : { "name" : "Juniper JUNOS OS MX Series with MX-SPC3", "product_id" : "T049985", "product_identification_helper" : { "cpe" : "cpe:/o:juniper:junos:os_mx_series_with_mx-spc3" } } }, { "category" : "product_version", "name" : "OS MX Series with MS-MPC", "product" : { "name" : "Juniper JUNOS OS MX Series with MS-MPC", "product_id" : "T049986", "product_identification_helper" : { "cpe" : "cpe:/o:juniper:junos:os_mx_series_with_ms-mpc" } } } ], "category" : "product_name", "name" : "JUNOS" }, { "branches" : [ { "category" : "product_version_range", "name" : "<24.1R5", "product" : { "name" : "Juniper Junos Space <24.1R5", "product_id" : "T049987" } }, { "category" : "product_version", "name" : "24.1R5", "product" : { "name" : "Juniper Junos Space 24.1R5", "product_id" : "T049987-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:juniper:junos_space:24.1r5" } } } ], "category" : "product_name", "name" : "Junos Space" } ], "category" : "vendor", "name" : "Juniper" } ] }, "vulnerabilities" : [ { "cve" : "CVE-2025-52987", "product_status" : { "known_affected" : [ "T049965" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2025-52987" }, { "cve" : "CVE-2026-21907", "product_status" : { "known_affected" : [ "T049987" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-21907" }, { "cve" : "CVE-2025-60007", "product_status" : { "known_affected" : [ "T049978" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2025-60007" }, { "cve" : "CVE-2026-0203", "product_status" : { "known_affected" : [ "T049978" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-0203" }, { "cve" : "CVE-2026-21903", "product_status" : { "known_affected" : [ "T049978" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-21903" }, { "cve" : "CVE-2026-21906", "product_status" : { "known_affected" : [ "T049977" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-21906" }, { "cve" : "CVE-2026-21914", "product_status" : { "known_affected" : [ "T049977" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-21914" }, { "cve" : "CVE-2026-21917", "product_status" : { "known_affected" : [ "T049977" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-21917" }, { "cve" : "CVE-2026-21920", "product_status" : { "known_affected" : [ "T049977" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-21920" }, { "cve" : "CVE-2025-59959", "product_status" : { "known_affected" : [ "T049979", "T049978" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2025-59959" }, { "cve" : "CVE-2025-59960", "product_status" : { "known_affected" : [ "T049979", "T049978" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2025-59960" }, { "cve" : "CVE-2025-59961", "product_status" : { "known_affected" : [ "T049979", "T049978" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2025-59961" }, { "cve" : "CVE-2025-60003", "product_status" : { "known_affected" : [ "T049979", "T049978" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2025-60003" }, { "cve" : "CVE-2025-60011", "product_status" : { "known_affected" : [ "T049979", "T049978" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2025-60011" }, { "cve" : "CVE-2026-21908", "product_status" : { "known_affected" : [ "T049979", "T049978" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-21908" }, { "cve" : "CVE-2026-21909", "product_status" : { "known_affected" : [ "T049979", "T049978" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-21909" }, { "cve" : "CVE-2026-21921", "product_status" : { "known_affected" : [ "T049979", "T049978" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-21921" }, { "cve" : "CVE-2024-50302", "product_status" : { "known_affected" : [ "T049979" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2024-50302" }, { "cve" : "CVE-2026-21911", "product_status" : { "known_affected" : [ "T049979" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-21911" }, { "cve" : "CVE-2026-21913", "product_status" : { "known_affected" : [ "T049980" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-21913" }, { "cve" : "CVE-2026-21910", "product_status" : { "known_affected" : [ "T049978", "T049982", "T049981" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-21910" }, { "cve" : "CVE-2026-21912", "product_status" : { "known_affected" : [ "T049978", "T049983" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-21912" }, { "cve" : "CVE-2026-21905", "product_status" : { "known_affected" : [ "T049978", "T049977", "T049965", "T049986", "T049985", "T049984" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-21905" }, { "cve" : "CVE-2026-21918", "product_status" : { "known_affected" : [ "T049978", "T049977", "T049965", "T049986", "T049985", "T049984" ] }, "release_date" : "2026-01-14T23:00:00.000+00:00", "title" : "CVE-2026-21918" } ] }