216.73.217.50

CVE-2026-33797

· Published 09/04/2026 22:16 · Modified 09/04/2026 22:16

Labels: CVE-2026-33797 2026-04-09CVE-2026-33797CWE-20[email protected]

Essential information

Published
09/04/2026 22:16
Modified
09/04/2026 22:16
Author
Creator
CVSS
7.1 HIGH (v3) 7.1 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service (DoS). An attacker repeatedly sending the packet will sustain the Denial of Service (DoS).This issue affects Junos OS: * 25.2 versions before 25.2R2 This issue doesn't not affected Junos OS versions before 25.2R1. This issue affects Junos OS Evolved: * 25.2-EVO versions before 25.2R2-EVO This issue doesn't not affected Junos OS Evolved versions before 25.2R1-EVO. eBGP and iBGP are affected. IPv4 and IPv6 are affected.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
juniper / junos os cpe:2.3:a:juniper:junos_os:<25.2R2:*:*:*:*:*:*:*
juniper / junos os evolved cpe:2.3:a:juniper:junos_os_evolved:<25.2R2-EVO:*:*:*:*:*:*:*

References