An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device.
Due to a wrong initialization, a process which should only be able to communicate internally within the device can be reached over the network via an open port. This leads to a device being inadvertently exposed and increased CPU cycles spent processing ingress packets.
This issue affects Junos OS Evolved:
* all versions before 23.2R2-S7-EVO,
* 23.4 versions before 23.4R2-S8-EVO,
* 24.2 versions before 24.2R2-S5-EVO,
* 24.4 versions before 24.4R2-S4-EVO,
* 25.2 versions before 25.2R2-S1-EVO,
* 25.4 versions before 25.4R1-S2-EVO.
Metrics
Affected Vendors & Products
References
| Link | Providers |
|---|---|
| https://supportportal.juniper.net/JSA110078 |
|
History
Thu, 09 Jul 2026 22:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Juniper Networks
Juniper Networks junos Os Evolved |
|
| Vendors & Products |
Juniper Networks
Juniper Networks junos Os Evolved |
Thu, 09 Jul 2026 21:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong initialization, a process which should only be able to communicate internally within the device can be reached over the network via an open port. This leads to a device being inadvertently exposed and increased CPU cycles spent processing ingress packets. This issue affects Junos OS Evolved: * all versions before 23.2R2-S7-EVO, * 23.4 versions before 23.4R2-S8-EVO, * 24.2 versions before 24.2R2-S5-EVO, * 24.4 versions before 24.4R2-S4-EVO, * 25.2 versions before 25.2R2-S1-EVO, * 25.4 versions before 25.4R1-S2-EVO. | |
| Title | Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker | |
| Weaknesses | CWE-923 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: juniper
Published:
Updated: 2026-07-09T21:04:14.997Z
Reserved: 2026-03-23T19:46:13.674Z
Link: CVE-2026-33803
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-09T22:30:05Z