CNNVD-202601-2538 Information
CNNVD ID
CNNVD-202601-2538
Related CVE
- CNNVD Published: 2026-01-15
Description (Chinese)
Juniper Networks Junos OS和Juniper Networks Junos OS Evolved都是美国瞻博网络(Juniper Networks)公司的产品。Juniper Networks Junos OS是一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。Juniper Networks Junos OS Evolved是Junos OS 的升级版系统。 Juniper Networks Junos OS和Juniper Networks Junos OS Evolved存在资源管理错误漏洞,该漏洞源于802.1X身份验证守护进程存在释放后重用,可能导致拒绝服务或执行任意代码。以下版本受到影响:Juniper Networks Junos OS 23.2R2-S5之前版本、23.4R2-S6之前版本、24.2R2-S3之前版本、24.4R2-S1之前版本、25.2R1-S2和25.2R2之前版本和Junos OS Evolved 23.2R2-S5-EVO之前版本、23.4R2-S6-EVO之前版本、24.2R2-S3-EVO之前版本、24.4R2-S1-EVO之前版本、25.2R1-S2-EVO和25.2R2-EVO之前版本。
Description (English)
Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are products of Juniper Networks. Juniper Networks Junos OS is a network operating system dedicated to the hardware equipment of the company. The operating system provides a security programming interface and Junos SDK. Juniper Networks Junos OS Evolved is an upgraded Junos OS system. There is a resource management error gap between Junos OS and Juniper Networks OS Evolved, which stems from the re-use of 802.1X identification daemonies after their release, which may lead to the denial of services or the enforcement of arbitrary codes. The following versions were affected: Juniper Networks Junos OS 23.2R2-S5, 23.4R2-S6, 24.2R2-S3, 24.4R2-S1, 25.2R1-S2 and 25.2R2 and 23.2R2-S5-EVO, 23.4R2-S6-EVO, 24.2R2-S3-EVO, 24.4R2-S1-EVO, 25.2R1-S2-EVO and 25.2R2-EVO.
Hazard Level
Medium
Vulnerability Type
资源管理错误
Affected Vendor
瞻博网络
Published
2026-01-15
Last Modified
2026-02-24
References
https://kb.juniper.net/JSA106007 https://supportportal.juniper.net/JSA106007