目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%

CVE-2026-57028— Junos OS Evolved 意外暴露端口可导致攻击者访问

CVSS 7.3 · High EPSS 0.30% · P22
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2026-57028の基本情報

脆弱性情報

脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker
ソース: NVD (National Vulnerability Database)
脆弱性説明
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause license exhaustion. Due to an incorrect initialization, a process which should only be able to communicate internally within the device, can be reached over the network via an open port. This leads to unauthorized access to the license management. This issue affects all Junos OS Evolved versions before 23.2R2-EVO.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
通信信道对预期端点的不适当限制
ソース: NVD (National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
Juniper NetworksJunos OS Evolved 0 ~ 23.2R2-EVO -

II. CVE-2026-57028の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2026-57028のインテリジェンス情報

登录查看更多情报信息。

CVE-2026-57028 厂商安全公告 (1)

Same Patch Batch · Juniper Networks · 2026-07-09 · 22 CVEs total

CVE-2026-570267.5 HIGHJunos OS: MX Series with SPC3, SRX Series: Processing of a specifically malformed SIP invi
CVE-2026-570237.5 HIGHJunos OS: MX with SPC3, SRX Series: A specifically malformed TCP packet causes a flowd cra
CVE-2026-570326.5 MEDIUMJunos OS: EX Series: Subscribing to an unsupported telemetry sensor path causes fxpc proce
CVE-2026-338006.5 MEDIUMJunos OS: MX Series: In a VC scenario a high rate of micro-BFD session flaps will cause an
CVE-2026-338016.5 MEDIUMJunos OS and Junos OS Evolved: When a specifically malformed BGP route update is received
CVE-2026-570276.5 MEDIUMJunos OS: EX4100 Series, EX4400: With sFlow configured in a VC scenario multicast traffic
CVE-2026-338036.5 MEDIUMJunos OS Evolved: A port which has been inadvertently exposed can be reached by an attacke
CVE-2026-570196.5 MEDIUMJunos OS: MX Series: Specific traffic causes an FPC to reset
CVE-2026-570206.5 MEDIUMJunos OS: QFX10000 Series: IPv6 multicast traffic received on non-IRB interfaces causes a
CVE-2026-570225.9 MEDIUMJunos OS: MX Series with SPC3, SRX Series: Specific packet in response to a TCP connection
CVE-2026-337945.9 MEDIUMJunos OS Evolved: PTX Series: Receipt of repeated ECMP routing updates results in PFE cras
CVE-2026-570305.9 MEDIUMJunos OS: SRX Series: Flow sessions are not getting cleared leading to a DoS
CVE-2026-570545.8 MEDIUMJunos OS: MX Series: Web filtering doesn't block specifically formatted URLs
CVE-2026-570255.5 MEDIUMJunos OS and Junos OS Evolved: EX Series, QFX Series, MX Series: A specific 'show l2-learn
CVE-2026-338025.5 MEDIUMJunos OS: EX Series: Unauthorized users can execute service-impacting CLI command
CVE-2026-570215.3 MEDIUMJunos OS: SRX Series: If VPN compliance-check is configured an attacker can cause http-gk
CVE-2026-570245.3 MEDIUMJunos OS: MX with SPC3, SRX Series: Repeated VPN negotiation failures will eventually caus
CVE-2026-570295.3 MEDIUMJunos OS Evolved: QFX Series: When sFlow collector reachability changes evo-pfemand proces
CVE-2026-570314.7 MEDIUMJunos OS: MX Series: For subscribers configured on static interfaces, input filters are no
CVE-2026-219014.4 MEDIUMJunos OS and Junos OS Evolved: Configuration of a specific SSH option results in mgd crash

Showing 20 of 22 CVEs. View all on vendor page →

IV. 関連脆弱性

V. CVE-2026-57028へのコメント

まだコメントはありません


コメントを残す