CVE-2026-57028

HIGH

Junos OS Evolved: A port which has been inadvertently exposed can be reached by an attacker

Title source: cna
STIX 2.1

Description

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause license exhaustion. Due to an incorrect initialization, a process which should only be able to communicate internally within the device, can be reached over the network via an open port. This leads to unauthorized access to the license management. This issue affects all Junos OS Evolved versions before 23.2R2-EVO.

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory
https://supportportal.juniper.net/JSA110088

Scores

CVSS v3 7.3
EPSS 0.0030
EPSS Percentile 21.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-923
Status published
Products (3)
juniper/junos_os_evolved 23.2 (4 CPE variants)
juniper/junos_os_evolved < 23.2
Juniper Networks/Junos OS Evolved < 23.2R2-EVO
Published Jul 09, 2026
Tracked Since Jul 10, 2026