CVE-2026-33802
Severity CVSS v4.0:
MEDIUM
Type:
Unavailable / Other
Publication date:
09/07/2026
Last modified:
10/07/2026
Description
A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on EX Series allows a local, authenticated attacker to cause a Denial-of-Service (DoS).<br />
<br />
<br />
<br />
On EX2300, EX4000, EX4100, EX4300-MP (Multigigabit) and EX4400 switches, an authenticated, local attacker with no specific permissions or class can execute a specific, privileged CLI &#39;request&#39; command which will cause complete traffic impact until the system automatically recovers.<br />
<br />
This issue affects Junos OS on EX2300, EX4000, EX4100, EX4300-MP (Multigigabit) and EX4400:<br />
<br />
<br />
* 23.2R2 versions before 23.2R2-S6,<br />
* 23.4 versions before 23.4R2-S8,<br />
* 24.2 versions before 24.2R2-S4,<br />
* 24.4 versions before 24.4R2-S3,<br />
* 25.2 versions before 25.2R2,<br />
* 25.4 versions before 25.4R1-S1.
Impact
Base Score 4.0
6.80
Severity 4.0
MEDIUM
Base Score 3.x
5.50
Severity 3.x
MEDIUM



