CVE-2026-21907
published 2026-01-15CVE-2026-21907: A Use of a Broken or Risky Cryptographic Algorithm vulnerability in the TLS/SSL server of Juniper Networks Junos Space allows the use of static key ciphers…
high8.2CVSS 4.0
AVNACLATPPRNUINVCHVINVANSCLSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUYRXVXREMUGreen
A Use of a Broken or Risky Cryptographic Algorithm vulnerability in the TLS/SSL server of Juniper Networks Junos Space allows the use of static key ciphers (ssl-static-key-ciphers), reducing the confidentiality of on-path traffic communicated across the connection. These ciphers also do not support Perfect Forward Secrecy (PFS), affecting the long-term confidentiality of encrypted communications.This issue affects all versions of Junos Space before 24.1R5.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | junos_os | — | — |
| juniper | junos_space | < 24.1 | 24.1 |
| juniper | junos_space | — | — |
| juniper | junos_space | — | — |
| juniper_networks | junos_space | < 24.1R5 | 24.1R5 |