CVE-2026-33773

CWE-14194 documents4 sources
Severity
6.9MEDIUM
EPSS
0.0%
top 91.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Juniper Networks Junos OS
Timeline
PublishedApr 9
Latest updateApr 10

Description

An Incorrect Initialization of Resource vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series and QFX Series device allows an unauthenticated, network-based attacker to cause an integrity impact to downstream networks. When the same family inet or inet6 filter is applied on an IRB interface and on a physical interface as egress filter on EX4100, EX4400, EX4650 and QFX5120 devices, only one of the two filters will be applied, which can lead to tra

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N

Affected Packages1 packages

CVEListV5juniper_networks/junos_os23.4R2-S623.4R2-S7+1

🔴Vulnerability Details

3
VulDB
Juniper Junos OS up to 23.4R2-S6/24.2R2-S3 on EX4100 IRB Interface initialization of resource (JSA107815)2026-04-10
GHSA
GHSA-m7p5-cqg5-94p6: An Incorrect Initialization of Resource vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series and QFX2026-04-10
CVEList
Junos OS: EX Series, QFX Series: If the same egress filter is configured on both an IRB and a physical interface one of those is not applied2026-04-09
CVE-2026-33773 (MEDIUM CVSS 6.9) | An Incorrect Initialization of Reso | cvebase.io