Home

Description

An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service (DoS). An attacker repeatedly sending the packet will sustain the Denial of Service (DoS).This issue affects Junos OS: * 25.2 versions before 25.2R2 This issue does not affect Junos OS versions before 25.2R1. This issue affects Junos OS Evolved: * 25.2-EVO versions before 25.2R2-EVO This issue does not affect Junos OS Evolved versions before 25.2R1-EVO. eBGP and iBGP are affected. IPv4 and IPv6 are affected.

PUBLISHED Reserved 2026-03-23 | Published 2026-04-09 | Updated 2026-04-23 | Assigner juniper




HIGH: 7.4CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

HIGH: 7.1CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/V:C/RE:M/U:Green

Problem types

CWE-20 Improper Input Validation

Product status

Default status
unaffected

25.2 (semver) before 25.2R2
affected

Any version before 25.2R1
unaffected

Default status
unaffected

25.2 (semver) before 25.2R2-EVO
affected

Any version before 25.2R1-EVO
unaffected

References

kb.juniper.net/JSA107850 vendor-advisory

supportportal.juniper.net/JSA107850 vendor-advisory

cve.org (CVE-2026-33797)

nvd.nist.gov (CVE-2026-33797)

Download JSON