Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on EX4k Series and QFX5k Series platforms allows an unauthenticated network-adjacent attacker flapping an interface to cause traffic between VXLAN Network Identifiers (VNIs) to drop, leading to a Denial of Service (DoS).

On all EX4k and QFX5k platforms, a link flap in an

EVPN-VXLAN configuration Link Aggregation Group (LAG)
results in Inter-VNI traffic dropping when there are multiple load-balanced next-hop routes for the same destination.

This issue is only applicable to systems that support EVPN-VXLAN Virtual Port-Link Aggregation Groups (VPLAG), such as the QFX5110, QFX5120, QFX5200, EX4100, EX4300, EX4400, and EX4650.

Service can only be restored by restarting the affected FPC via the 'request chassis fpc restart slot <slot-number>' command.

This issue affects Junos OS

on EX4k and QFX5k Series: 



* all versions before 21.4R3-S12, 
* all versions of 22.2
* from 22.4 before 22.4R3-S8, 
* from 23.2 before 23.2R2-S5, 
* from 23.4 before 23.4R2-S5, 
* from 24.2 before 24.2R2-S3,
* from 24.4 before 24.4R2.
Published: 2026-01-15
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service via inter‑VNI traffic drop
Action: Immediate Patch
AI Analysis

Impact

An Improper Check for Unusual or Exceptional Conditions flaw in the packet forwarding engine of Juniper Networks Junos OS allows an unauthenticated network‑adjacent attacker to cause traffic between VXLAN Network Identifiers to drop with a simple interface flap. The resulting denial of service interrupts inter‑VNI communication, impacting network availability on affected chassis. This vulnerability is captured by CWE‑754, which denotes failure to validate exceptional conditions during forwarding logic.

Affected Systems

The flaw targets Juniper Networks Junos OS on EX4k Series and QFX5k Series platforms, specifically the QFX5110, QFX5120, QFX5200, EX4100, EX4300, EX4400, and EX4650 devices. All software versions before 21.4R3‑S12, the entirety of 22.2, versions of 22.4 up to 22.4R3‑S8, versions of 23.2 up to 23.2R2‑S5, versions of 23.4 up to 23.4R2‑S5, versions of 24.2 up to 24.2R2‑S3, and versions of 24.4 up to 24.4R2 are impacted.

Risk and Exploitability

The CVSS score of 7.1 indicates medium‑to‑high severity, but the EPSS score of less than 1% suggests a presently low exploitation probability. The vulnerability is not listed in the CISA KEV catalog. An unauthenticated network‑adjacent attacker can trigger the issue by flapping an interface without privileged credentials, leading to a denial of service. The vulnerability can be neutralised by restarting the affected Fabric Processing Card, but permanent mitigation requires upgrading to a release that contains the fix.

Generated by OpenCVE AI on April 18, 2026 at 19:57 UTC.

Remediation

Vendor Solution

The following software releases have been updated to resolve this specific issue: Junos OS 21.4R3-S12, 22.4R3-S8, 23.2R2-S5, 23.4R2-S5, 24.2R2-S3, 24.4R2, 25.2R1, and all subsequent releases.

Vendor Workaround

There are no known workarounds for this issue.

OpenCVE Recommended Actions

  • Apply a Juniper update to Junos OS 21.4R3‑S12 or any later release that includes the fix for this issue
  • If a patch cannot be applied immediately, temporarily restore services by restarting the affected Fabric Processing Card with the command 'request chassis fpc restart slot <slot-number>'
  • Avoid or limit interface flapping on EVPN‑VXLAN interfaces until the patch is applied

Generated by OpenCVE AI on April 18, 2026 at 19:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 25 Feb 2026 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Juniper ex4000
Juniper ex4100-f
Juniper ex4100-h
Juniper ex4600
Juniper junos
Juniper qfx5130
Juniper qfx5210
Juniper qfx5220
Juniper qfx5230-64cd
Juniper qfx5240
Juniper qfx5241
Juniper qfx5700
CPEs cpe:2.3:h:juniper:ex4000:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:ex4100-f:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:ex4100-h:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:ex4100:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:ex4400:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:qfx5130:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:qfx5220:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:qfx5230-64cd:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:qfx5240:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:qfx5241:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:qfx5700:-:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r3-s10:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r3-s11:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r3-s6:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r3-s7:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r3-s8:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r3-s9:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.2:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.4:r3-s3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.4:r3-s4:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.4:r3-s5:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.4:r3-s6:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.4:r3-s7:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.2:r2-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.2:r2-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.2:r2-s3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.2:r2-s4:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.4:r2-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.4:r2-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.4:r2-s3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.4:r2-s4:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:23.4:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r1-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r2-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r2-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:r1-s3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:r1:*:*:*:*:*:*
Vendors & Products Juniper ex4000
Juniper ex4100-f
Juniper ex4100-h
Juniper ex4600
Juniper junos
Juniper qfx5130
Juniper qfx5210
Juniper qfx5220
Juniper qfx5230-64cd
Juniper qfx5240
Juniper qfx5241
Juniper qfx5700

Fri, 16 Jan 2026 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Juniper
Juniper ex-series
Juniper ex4100
Juniper ex4300
Juniper ex4400
Juniper ex4650
Juniper junos Os
Juniper qfx5110
Juniper qfx5120
Juniper qfx5200
Juniper Networks
Juniper Networks junos Os
Vendors & Products Juniper
Juniper ex-series
Juniper ex4100
Juniper ex4300
Juniper ex4400
Juniper ex4650
Juniper junos Os
Juniper qfx5110
Juniper qfx5120
Juniper qfx5200
Juniper Networks
Juniper Networks junos Os

Thu, 15 Jan 2026 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 15 Jan 2026 20:30:00 +0000

Type Values Removed Values Added
Description An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on EX4k Series and QFX5k Series platforms allows an unauthenticated network-adjacent attacker flapping an interface to cause traffic between VXLAN Network Identifiers (VNIs) to drop, leading to a Denial of Service (DoS). On all EX4k and QFX5k platforms, a link flap in an EVPN-VXLAN configuration Link Aggregation Group (LAG) results in Inter-VNI traffic dropping when there are multiple load-balanced next-hop routes for the same destination. This issue is only applicable to systems that support EVPN-VXLAN Virtual Port-Link Aggregation Groups (VPLAG), such as the QFX5110, QFX5120, QFX5200, EX4100, EX4300, EX4400, and EX4650. Service can only be restored by restarting the affected FPC via the 'request chassis fpc restart slot <slot-number>' command. This issue affects Junos OS on EX4k and QFX5k Series:  * all versions before 21.4R3-S12,  * all versions of 22.2 * from 22.4 before 22.4R3-S8,  * from 23.2 before 23.2R2-S5,  * from 23.4 before 23.4R2-S5,  * from 24.2 before 24.2R2-S3, * from 24.4 before 24.4R2.
Title Junos OS: EX4k Series, QFX5k Series: In an EVPN-VXLAN configuration link flaps cause Inter-VNI traffic drop
Weaknesses CWE-754
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:U/RE:M/U:Green'}

Subscriptions

Juniper Ex-series Ex4000 Ex4100 Ex4100-f Ex4100-h Ex4300 Ex4400 Ex4600 Ex4650 Junos Junos Os Qfx5110 Qfx5120 Qfx5130 Qfx5200 Qfx5210 Qfx5220 Qfx5230-64cd Qfx5240 Qfx5241 Qfx5700
Juniper Networks Junos Os
cve-icon MITRE

Status: PUBLISHED

Assigner: juniper

Published:

Updated: 2026-01-15T20:51:57.933Z

Reserved: 2026-01-05T17:32:48.710Z

Link: CVE-2026-21910

cve-icon Vulnrichment

Updated: 2026-01-15T20:51:54.771Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-15T21:16:06.920

Modified: 2026-02-25T17:17:44.337

Link: CVE-2026-21910

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T20:00:09Z

Weaknesses