CVE-2026-21910
BaseFortify
Publication date: 2026-01-15
Last updated on: 2026-02-25
Assigner: Juniper Networks, Inc.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| juniper | junos | 21.4 |
| juniper | junos | 22.4 |
| juniper | junos | 23.2 |
| juniper | junos | 23.4 |
| juniper | junos | 24.2 |
| juniper | junos | to 21.4 (exc) |
| juniper | junos | 24.4 |
| juniper | junos | 22.2 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-754 | The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an improper check for unusual or exceptional conditions in the packet forwarding engine of Juniper Networks Junos OS on EX4k and QFX5k Series platforms. It allows an unauthenticated network-adjacent attacker to cause an interface to flap, which leads to traffic between VXLAN Network Identifiers (VNIs) dropping. This results in a Denial of Service (DoS) condition. The issue occurs specifically in EVPN-VXLAN configurations using Link Aggregation Groups (LAG) when multiple load-balanced next-hop routes exist for the same destination. Service restoration requires restarting the affected FPC.
How can this vulnerability impact me?
This vulnerability can cause a Denial of Service (DoS) by dropping traffic between VXLAN Network Identifiers (VNIs) when an attacker causes an interface to flap. This disrupts network communication on affected Juniper EX4k and QFX5k platforms configured with EVPN-VXLAN and Link Aggregation Groups, potentially impacting network availability and reliability until the affected FPC is restarted.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability immediately, restart the affected FPC using the command 'request chassis fpc restart slot <slot-number>'. Additionally, update Junos OS to a fixed release later than the vulnerable versions listed.