CVE-2026-21914

{"id": "CVE-2026-21914", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "AUTOMATIC", "baseScore": 8.7, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-01-15T21:16:07.700", "references": [{"url": "https://kb.juniper.net/JSA106015", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}, {"url": "https://supportportal.juniper.net/JSA106015", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-667"}]}], "descriptions": [{"lang": "en", "value": "An Improper Locking vulnerability in the GTP plugin of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (Dos).\n\nIf an SRX Series device receives a specifically malformed GPRS Tunnelling Protocol (GTP) Modify Bearer Request message, a lock is acquired and never released. This results in other threads not being able to acquire a lock themselves, causing a watchdog timeout leading to FPC crash and restart. This issue leads to a complete traffic outage until the device has automatically recovered.\n\nThis issue affects Junos OS on SRX Series:\n\n * all versions before 22.4R3-S8,\n * 23.2 versions before 23.2R2-S5,\n * 23.4 versions before 23.4R2-S6,\n * 24.2 versions before 24.2R2-S3,\n * 24.4 versions before 24.4R2-S2,\n * 25.2 versions before 25.2R1-S1, 25.2R2."}], "lastModified": "2026-01-23T19:41:03.710", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57F66641-003B-49D6-A9B9-AB300CFE3C93", "versionEndExcluding": "22.4"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBB967BF-3495-476D-839A-9DBFCBE69F91"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E5688D6-DCA4-4550-9CD1-A3D792252129"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8494546C-00EA-49B6-B6FA-FDE42CA5B1FA"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8BB98579-FA33-4E41-A162-A46E9709FBD3"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08E2562F-FB18-4347-8497-7D61B8157EBB"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "494D1D96-1DA2-4B0A-9536-1B5A4FDFCA09"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60A1E37B-1990-44D9-87FE-300678243BE2"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D306ED88-8700-4FD4-8919-3C85728C04C3"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11340C63-A638-420C-85C9-1B4438C88D52"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A78CC80-E8B1-4CDA-BB35-A61833657FA7"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1B16FF0-900F-4AEE-B670-A537139F6909"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B227E831-30FF-4BE1-B8B2-31829A5610A6"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1ADA814B-EF98-45B1-AF7A-0C89688F7CA5"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6FB32DF-D062-4FB9-8777-452978BEC7B7"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3B6C811-5C10-4486-849D-5559B592350A"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "078D61B9-A228-453C-9D20-6F9C6B20637F"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1F136A0-021D-43FE-BDD3-AD7201F7FC03"}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78481ABC-3620-410D-BC78-334657E0BB75"}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE8A5BA3-87BD-473A-B229-2AAB2C797005"}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B74AC3E-8FC9-400A-A176-4F7F21F10756"}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB2D1FCE-8019-4CE1-BA45-D62F91AF7B51"}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "175CCB13-76C0-44A4-A71D-41E22B92EB23"}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "166BFDB3-1945-4949-BC2B-E18442FF2E4D"}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5923610F-878C-48CA-8B5D-9C609E4DD4DB"}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7C207E3-0252-4192-8E8C-E2ED2831B4F4"}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6974492-FE69-4340-8881-61C3329C1545"}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "279E59FE-96DF-4E1D-A3A2-61D180F04533"}, {"criteria": "cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89524D6D-0B22-4952-AD8E-8072C5A05D5C"}, {"criteria": "cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD69A194-1B03-44EA-8092-79BD10C6F729"}, {"criteria": "cpe:2.3:o:juniper:junos:24.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8463ADB4-B8A7-4D63-97A9-232ED713A21C"}, {"criteria": "cpe:2.3:o:juniper:junos:24.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE68337F-106E-4317-A5B6-292B0159F577"}, {"criteria": "cpe:2.3:o:juniper:junos:24.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "266B520A-482A-43F7-90F8-B9D64D30034F"}, {"criteria": "cpe:2.3:o:juniper:junos:24.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC78BC9E-5DA7-4E42-9923-B49A0B7F3564"}, {"criteria": "cpe:2.3:o:juniper:junos:24.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD99F1B0-82B0-4CD3-8C8F-C0FFF44A8B90"}, {"criteria": "cpe:2.3:o:juniper:junos:24.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C452BDCB-34E3-42D3-8909-2312356EB70A"}, {"criteria": "cpe:2.3:o:juniper:junos:24.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B8158F2-2028-40E9-955F-CFD581A32F60"}, {"criteria": "cpe:2.3:o:juniper:junos:24.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A7233A1-EC7A-4458-9AE1-835480A03A21"}, {"criteria": "cpe:2.3:o:juniper:junos:24.4:r1-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D74087E2-5CAA-4085-8408-EB70EC1D5D91"}, {"criteria": "cpe:2.3:o:juniper:junos:24.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EEF1798-F3C2-4645-96E7-1E82368B184D"}, {"criteria": "cpe:2.3:o:juniper:junos:24.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8BB5EE1-04C7-4DF3-807A-06005ECFEEE5"}, {"criteria": "cpe:2.3:o:juniper:junos:25.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B7572BB-9C77-4214-9C5F-CC83C7B93E37"}, {"criteria": "cpe:2.3:o:juniper:junos:25.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAADBF98-38BE-40E2-AF1B-9077DCED0809"}, {"criteria": "cpe:2.3:o:juniper:junos:25.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C7B9DEB-7472-4010-8717-8050555C2FAD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B"}, {"criteria": "cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4AE06B18-BFB5-4029-A05D-386CFBFBF683"}, {"criteria": "cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "48A1DCCD-208C-46D9-8E14-89592B49AB9A"}, {"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A"}, {"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78"}, {"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA"}, {"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5"}, {"criteria": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F"}, {"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7"}, {"criteria": "cpe:2.3:h:juniper:srx4120:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E5942B6E-AFC7-40E4-8007-68C804BD52E3"}, {"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9"}, {"criteria": "cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "826F893F-7B06-43B5-8653-A8D9794C052E"}, {"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA"}, {"criteria": "cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "462CFD52-D3E2-4F7A-98AC-C589D2420556"}, {"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1"}, {"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710"}, {"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "sirt@juniper.net"}