Juniper Ex4400
25 CVEs affecting Juniper Ex4400. Latest disclosed: 2026-04-09. Critical: 1, High: 12.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-0211 | Critical | 10.0 | 2021-01-15 | An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon (RPD) service allows an attac… |
CVE-2024-39565 | High | 8.8 | 2024-07-10 | An Improper Neutralization of Data within XPath Expressions ('XPath Injection') vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthe… |
CVE-2024-21620 | High | 8.8 | 2024-01-25 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and E… |
CVE-2021-0275 | High | 8.8 | 2021-04-22 | A Cross-site Scripting (XSS) vulnerability in J-Web on Juniper Networks Junos OS allows an attacker to target another user's session thereby gaining access to… |
CVE-2022-22221 | High | 7.8 | 2022-07-20 | An Improper Neutralization of Special Elements vulnerability in the download manager of Juniper Networks Junos OS on SRX Series and EX Series allows a locally… |
CVE-2025-30644 | High | 7.5 | 2025-04-09 | A Heap-based Buffer Overflow vulnerability in the flexible PIC concentrator (FPC) of Juniper Networks Junos OS on EX2300, EX3400, EX4100, EX4300, EX4300MP, EX4… |
CVE-2024-47497 | High | 7.5 | 2024-10-11 | An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series a… |
CVE-2024-21595 | High | 7.5 | 2024-01-12 | An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a network-bas… |
CVE-2023-44191 | High | 7.5 | 2023-10-13 | An Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause… |
CVE-2021-0285 | High | 7.5 | 2021-07-15 | An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large a… |
CVE-2021-0261 | High | 7.5 | 2021-04-22 | A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Ca… |
CVE-2018-15504 | High | 7.5 | 2018-08-18 | An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which r… |
CVE-2021-0244 | High | 7.4 | 2021-04-22 | A signal handler race condition exists in the Layer 2 Address Learning Daemon (L2ALD) of Juniper Networks Junos OS due to the absence of a specific protection… |
CVE-2026-33781 | Medium | 6.5 | 2026-04-09 | An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX and QFX… |
CVE-2026-21910 | Medium | 6.5 | 2026-01-15 | An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on EX4k Series and QFX… |
CVE-2024-30388 | Medium | 6.5 | 2024-04-12 | An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series… |
CVE-2023-44203 | Medium | 6.5 | 2023-10-13 | An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series, EX… |
CVE-2021-0289 | Medium | 6.5 | 2021-07-15 | When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Cond… |
CVE-2026-33773 | Medium | 5.8 | 2026-04-09 | An Incorrect Initialization of Resource vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series and QFX Series d… |
CVE-2025-60007 | Medium | 5.5 | 2026-01-15 | A NULL Pointer Dereference vulnerability in the chassis daemon (chassisd) of Juniper Networks Junos OS on MX, SRX and EX Series allows a local attacker with lo… |