保安警报 (A26-01-09): Juniper Networks 产品多个漏洞

描述:

Juniper Networks 发布了安全公告，以应对 Junos OS、Junos OS Evolved、Junos Space、Paragon Automation 及 Policy Enforcer 的多个漏洞。有关漏洞的详细资料，请参阅供应商网站的相应安全公告。

受影响的系统:

• Juniper Networks Junos OS
• Juniper Networks Junos OS Evolved
• Juniper Networks Junos Space
• Juniper Networks Paragon Automation
• Juniper Networks Policy Enforcer

有关受影响系统的详细资料，请参阅供应商网站的相应安全公告。

影响:

成功利用漏洞可以导致受影响的系统发生远端执行程式码、服务被拒绝、权限提升、泄漏资讯、绕过保安限制、仿冒诈骗或篡改。

建议:

适用于受影响系统的修补程式已可获取。受影响系统的系统管理员应遵从产品供应商的建议，立即採取行动以降低风险。

进一步资讯:

• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-MX10k-Series-show-system-firmware-CLI-command-may-lead-to-LC480-or-LC2101-line-card-reset-CVE-2026-21912
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-Series-Specifically-malformed-SSL-packet-causes-FPC-crash-CVE-2026-21917
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-A-specifically-crafted-show-chassis-command-causes-chassisd-to-crash-CVE-2025-60007
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-Series-If-a-specific-request-is-processed-by-the-DNS-subsystem-flowd-will-crash-CVE-2026-21920
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-Series-With-GRE-performance-acceleration-enabled-receipt-of-a-specific-ICMP-packet-causes-the-PFE-to-crash-CVE-2026-21906
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-Evolved-A-Linux-kernel-vulnerability-in-the-HID-driver-allows-an-attacker-to-read-information-from-the-HID-Report-buffer-CVE-2024-50302
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-Receipt-of-a-specifically-malformed-ICMP-packet-causes-an-FPC-restart-CVE-2026-0203
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-BGP-update-with-a-set-of-specific-attributes-causes-rpd-crash-CVE-2025-60003
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-Subscribing-to-telemetry-sensors-at-scale-causes-all-FPCs-to-crash-CVE-2026-21903
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-EX4k-Series-QFX5k-Series-In-an-EVPN-VXLAN-configuration-link-flaps-cause-Inter-VNI-traffic-drop-CVE-2026-21910
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-specific-IS-IS-update-packet-causes-memory-leak-leading-to-RPD-crash-CVE-2026-21909
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-DHCP-Option-82-messages-from-clients-being-passed-unmodified-to-the-DHCP-server-CVE-2025-59960
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-and-MX-Series-When-TCP-packets-occur-in-a-specific-sequence-flowd-crashes-CVE-2026-21918
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-telemetry-collectors-are-frequently-subscribing-and-unsubscribing-to-sensors-chassisd-or-rpd-will-crash-CVE-2026-21921
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Paragon-Automation-A-clickjacking-vulnerability-in-the-web-server-configuration-has-been-addressed-CVE-2025-52987
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-Evolved-Flapping-management-interface-causes-MAC-learning-on-label-switched-interfaces-to-stop-CVE-2026-21911
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Use-after-free-vulnerability-In-802-1X-authentication-daemon-can-cause-crash-of-the-dot1xd-process-CVE-2026-21908
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-Series-MX-Series-with-MX-SPC3-or-MS-MPC-Receipt-of-multiple-specific-SIP-messages-results-in-flow-management-process-crash-CVE-2026-21905
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Policy-Enforcer-Multiple-vulnerabilities-in-Python-resolved-in-24-1R3-release
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Unix-socket-used-to-control-the-jdhcpd-process-is-world-writable-CVE-2025-59961
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Executing-a-specific-show-command-leads-to-an-rpd-crash-CVE-2025-59959
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R5-release
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-Space-TLS-SSL-server-supports-use-of-static-key-ciphers-ssl-static-key-ciphers-CVE-2026-21907
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Optional-transitive-BGP-attribute-is-modified-before-propagation-to-peers-causing-sessions-to-flap-CVE-2025-60011
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-SRX-Series-A-specifically-malformed-GTP-message-will-cause-an-FPC-crash-CVE-2026-21914
• https://supportportal.juniper.net/s/article/2026-01-Security-Bulletin-Junos-OS-EX4000-A-high-volume-of-traffic-destinated-to-the-device-leads-to-a-crash-and-restart-CVE-2026-21913
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20907
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8492
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26116
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3733
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4189
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24834
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45145
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31228
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31449
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46981
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50302
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47273
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52987
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59959 (to CVE-2025-59961)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60003
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60007
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-60011
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0203
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21903
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21905 (to CVE-2026-21914)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21917 (to CVE-2026-21918)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21920 (to CVE-2026-21921)