CVE-2026-21907
BaseFortify
Publication date: 2026-01-15
Last updated on: 2026-01-15
Assigner: Juniper Networks, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| juniper_networks | junos_space | to 24.1R5 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-327 | The product uses a broken or risky cryptographic algorithm or protocol. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the use of static key ciphers in the TLS/SSL server of Juniper Networks Junos Space. These static key ciphers reduce the confidentiality of traffic because they do not support Perfect Forward Secrecy (PFS), which means that if the static key is compromised, past communications can be decrypted. This affects the security of encrypted communications by making them more vulnerable to interception and decryption.
How can this vulnerability impact me? :
The vulnerability can impact you by reducing the confidentiality of your encrypted communications. Since static key ciphers do not support Perfect Forward Secrecy, an attacker who obtains the static key could decrypt past traffic, leading to potential exposure of sensitive information transmitted over the network.