{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33797", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2026-03-23T19:46:13.673Z", "datePublished": "2026-04-09T21:31:22.902Z", "dateUpdated": "2026-04-09T21:31:22.902Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "25.2R2", "status": "affected", "version": "25.2", "versionType": "semver"}, {"lessThan": "25.2R1", "status": "unaffected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "modules": ["bgp"], "product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [{"lessThan": "25.2R2-EVO", "status": "affected", "version": "25.2", "versionType": "semver"}, {"lessThan": "25.2R1-EVO", "status": "unaffected", "version": "0", "versionType": "semver"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<tt>&nbsp; [ protocols bgp group &lt;group&gt; neighbor ]</tt><br>"}], "value": "[ protocols bgp group <group> neighbor ]"}], "datePublic": "2026-04-08T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service (DoS).<br><br>An attacker repeatedly sending the packet will sustain the Denial of Service (DoS).<p>This issue affects Junos OS:</p><ul><li>25.2 versions before 25.2R2</li></ul>This issue doesn't not affected Junos OS versions before 25.2R1.<br><br>This issue affects Junos OS Evolved: <br><ul><li>25.2-EVO versions before 25.2R2-EVO</li></ul>This issue doesn't not affected Junos OS Evolved versions before 25.2R1-EVO.<br><br>eBGP and iBGP are affected.<br>IPv4 and IPv6 are affected.&nbsp;<br>"}], "value": "An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service (DoS).\n\nAn attacker repeatedly sending the packet will sustain the Denial of Service (DoS).This issue affects Junos OS:\n\n * 25.2 versions before 25.2R2\n\n\nThis issue doesn't not affected Junos OS versions before 25.2R1.\n\nThis issue affects Junos OS Evolved: \n * 25.2-EVO versions before 25.2R2-EVO\n\n\nThis issue doesn't not affected Junos OS Evolved versions before 25.2R1-EVO.\n\neBGP and iBGP are affected.\nIPv4 and IPv6 are affected."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "YES", "Recovery": "AUTOMATIC", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "baseScore": 7.1, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "GREEN", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/V:C/RE:M/U:Green", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2026-04-09T21:31:22.902Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://kb.juniper.net/JSA107850"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The following software releases have been updated to resolve this specific issue:<br>Junos OS:&nbsp;25.2R2,&nbsp;25.4R1, and all subsequent releases.<br>Junos OS Evolved: 25.2R2-EVO, 25.4R1-EVO, and all subsequent releases."}], "value": "The following software releases have been updated to resolve this specific issue:\nJunos OS:\u00a025.2R2,\u00a025.4R1, and all subsequent releases.\nJunos OS Evolved: 25.2R2-EVO, 25.4R1-EVO, and all subsequent releases."}], "source": {"advisory": "JSA107850", "defect": ["1893316"], "discovery": "INTERNAL"}, "title": "Junos OS and Junos OS Evolved: An attacker sending a specific genuine BGP packet causes a BGP reset", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There are no known workarounds for this issue.<br>"}], "value": "There are no known workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service (DoS).\n\nAn attacker repeatedly sending the packet will sustain the Denial of Service (DoS).This issue affects Junos OS:\n\n * 25.2 versions before 25.2R2\n\n\nThis issue doesn't not affected Junos OS versions before 25.2R1.\n\nThis issue affects Junos OS Evolved: \n * 25.2-EVO versions before 25.2R2-EVO\n\n\nThis issue doesn't not affected Junos OS Evolved versions before 25.2R1-EVO.\n\neBGP and iBGP are affected.\nIPv4 and IPv6 are affected."}], "id": "CVE-2026-33797", "lastModified": "2026-04-09T22:16:29.547", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "sirt@juniper.net", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "YES", "Recovery": "AUTOMATIC", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "GREEN", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:Green", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2026-04-09T22:16:29.547", "references": [{"source": "sirt@juniper.net", "url": "https://kb.juniper.net/JSA107850"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "sirt@juniper.net", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[25.2,25.2R2)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,25.2R1)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Junos OS", "source": "cna", "vendor": "Juniper Networks"}, "product": "junos_os", "vendor": "juniper_networks"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[25.2,25.2R2-EVO)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,25.2R1-EVO)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Junos OS Evolved", "source": "cna", "vendor": "Juniper Networks"}, "product": "junos_os_evolved", "vendor": "juniper_networks"}], "analysis": {"en": {"generated_at": "2026-04-09T23:27:11.583043+00:00", "value": {"mitigation_remediation": ["Apply the latest Junos OS or Junos OS Evolved releases (25.2R2, 25.4R1, or later) that address this issue."], "summary": {"action": "Immediate Patch", "impact": "Denial of Service (DoS)"}, "threat_synthesis": {"affected_systems": "Juniper Networks Junos OS and Junos OS Evolved are impacted. For Junos OS the flaw exists in all releases prior to 25.2R2; the 25.2R2, 25.4R1, and all newer releases contain the fix. For Junos OS Evolved, the issue exists in all releases prior to 25.2R2-EVO; the 25.2R2-EVO, 25.4R1-EVO, and all later releases resolve the vulnerability. Both eBGP and iBGP sessions over IPv4 and IPv6 are affected; versions earlier than 25.2R1 (Junos OS) or 25.2R1-EVO (Junos OS Evolved) are not affected.", "description_and_impact": "This vulnerability is an improper input validation flaw that permits an unauthenticated adjacent attacker to send a specific genuine BGP packet into an established BGP session. The packet causes the router to reset that session, disrupting the exchange of routing information and resulting in a denial of service for all routes learned over the affected link. When the attacker repeats the injection, the outage can be sustained until the session is reestablished or the device is rebooted.", "risk_and_exploitability": "The CVSS score of 7.1 reflects moderate to high severity. Because the exploit requires only access to a pre\u2011established BGP session and no authentication, the threat is realistic for attackers who can become an adjacent BGP neighbor on the network. No exploit probability metric is available and the vulnerability is not listed in the CISA KEV catalog, but the lack of a workaround and the potential for widespread service interruption make the risk significant. Attackers can trigger repeated BGP resets to sustain a denial of service, compromising network reliability."}}}}, "created": "2026-04-10T08:37:01.350277+00:00", "updated": "2026-04-10T09:27:58.939698+00:00", "vendors": ["juniper_networks", "juniper_networks$PRODUCT$junos_os", "juniper_networks$PRODUCT$junos_os_evolved"]}