Skip to main content

Juniper CVE-2026-33779

| EUVD-2026-21088 HIGH
Improper Following of a Certificate's Chain of Trust (CWE-296)
2026-04-09 juniper GHSA-9hcr-jp7m-44jv
Information Disclosure Juniper
8.3
CVSS 4.0
Share

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:M/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

7
Re-analysis Queued
Apr 17, 2026 - 17:22 vuln.today
cvss_changed
Analysis Updated
Apr 16, 2026 - 05:59 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
24.4R2-S2,25.2R1-S2,24.2R2-S3
EUVD ID Assigned
Apr 09, 2026 - 21:45 euvd
EUVD-2026-21088
Analysis Generated
Apr 09, 2026 - 21:45 vuln.today
CVE Published
Apr 09, 2026 - 21:30 nvd
HIGH 8.3

DescriptionNVD

An Improper Following of a Certificate's Chain of Trust vulnerability in J-Web of Juniper Networks Junos OS on SRX Series allows a PITM to intercept the communication of the device and get access to confidential information and potentially modify it.

When an SRX device is provisioned to connect to Security Director (SD) cloud, it doesn't perform sufficient verification of the received server certificate. This allows a PITM to intercept the communication between the SRX and SD cloud and access credentials and other sensitive information.

This issue affects Junos OS:

  • all versions before 22.4R3-S9,
  • 23.2 versions before 23.2R2-S6,
  • 23.4 versions before 23.4R2-S7,
  • 24.2 versions before 24.2R2-S3,
  • 24.4 versions before 24.4R2-S2,
  • 25.2 versions before 25.2R1-S2, 25.2R2.

AnalysisAI

Certificate chain validation bypass in Juniper Junos OS J-Web on SRX Series enables person-in-the-middle attackers to intercept Security Director cloud communications, exposing credentials and sensitive data. All SRX devices connecting to SD cloud fail to properly verify server certificates, allowing interception of authentication material and configuration data. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Identify all SRX Series devices in your environment and verify current Junos OS versions; cross-reference against affected versions (pre-22.4R3-S9, pre-23.2R2-S6, pre-23.4R2-S7, pre-24.2R2-S3, pre-24.4R2-S2, pre-25.2R1-S2/25.2R2). Within 7 days: Develop and test patching plan for affected devices; apply vendor-released patches to non-production SRX devices first. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

More from same product – last 7 days

CVE-2026-48687 CRITICAL
9.8 May 26

OS command injection in FastNetMon Community Edition (through 1.2.9) lets attacker-controlled input reach an unescaped e

Share

CVE-2026-33779 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy