CVE-2026-21917

CWE-12864 documents4 sources
Severity
8.7HIGH
EPSS
0.0%
top 89.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedJan 15

Description

An Improper Validation of Syntactic Correctness of Input vulnerability in the Web-Filtering module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an SRX device configured for UTM Web-Filtering receives a specifically malformed SSL packet, this will cause an FPC crash and restart. This issue affects Junos OS on SRX Series: * 23.2 versions from 23.2R2-S2 before 23.2R2-S5, * 23.4 versions from 23.4R2-S1 before 2

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages2 packages

CVEListV5juniper_networks/junos_os23.2R2-S223.2R2-S5+3
NVDjuniper/junos4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-hq5p-jr85-6779: An Improper Validation of Syntactic Correctness of Input vulnerability in the Web-Filtering module of Juniper Networks Junos OS on SRX Series allows a2026-01-15
CVEList
Junos OS: SRX Series: Specifically malformed SSL packet causes FPC crash2026-01-15

📋Vendor Advisories

1
Juniper
CVE-2026-21917: An Improper Validation of Syntactic Correctness of Input vulnerability in the Web-Filtering module of Juniper Networks Junos OS on SRX Series allows a2026-01-15
CVE-2026-21917 (HIGH CVSS 8.7) | An Improper Validation of Syntactic | cvebase.io