Back to overview

CVE-2026-57022

MEDIUM
5.9
CVSS 3.1
Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When an affected device initiates a TCP connection to an attacker-controlled system that responds with a specific packet, this causes a PFE crash and restart, which affects all services until the system has automatically recovered. This issue can happen among others in the following scenarios: ALG, SSL proxy, UTM, RTLOG, AppQoE probing, AAMW, ICAP, URL filtering. This issue affects Junos OS on MX Series with SPC3, SRX5k Series with SPC3, SRX1600 Series, SRX2300 Series, SRX4000 Series, and vSRX Series: * all versions before 23.2R2-S4, * 23.4 versions before 23.4R2-S5, * 24.2 versions before 24.2R2.

Metadata

CVE ID
CVE-2026-57022
State
PUBLISHED
Assigner
juniper
Reserved
2026-06-23 16:27 UTC
Published
2026-07-09 21:06 UTC
Last updated
2026-07-09 21:06 UTC
Primary CWE
CWE-754
CWE-754 Improper Check for Unusual or Exceptional Conditions
Vendor / Product
Juniper Networks / Junos OS
Sources
cve.org  ·  NVD

Severity & Metrics

5.9 MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products (1)
VendorProductPlatformVersions
Juniper Networks Junos OS MX Series with SPC3,SRX5k Series with SPC3,SRX1600 Series,SRX2300 Series,SRX4000 Series,vSRX Series 0 < 23.2R2-S4, 23.4 < 23.4R2-S5, 24.2 < 24.2R2
Weakness (CWE)
CWESourceDescription
CWE-754 cna CWE-754 Improper Check for Unusual or Exceptional Conditions
CVSS scores (2)
ScoreSeverityVersionSourceVector
8.2 HIGH 4.0 cna CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:A/RE:M
5.9 MEDIUM 3.1 cna CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Back to overview