CVE-2026-21917

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS on SRX Series versions 23.2R2-S2 through 23.2R2-S4 Juniper Networks Junos OS on SRX Series versions 23.4R2-S1 through 23.4R2-S4 Juniper Networks Junos OS on SRX Series versions prior to 24.2R2-S2 Juniper Networks Junos OS on SRX Series versions prior to 24.4R1-S3

Description An improper validation of syntactic correctness of input exists in the Web-Filtering module. This can allow an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). Specifically, if an SRX device configured for UTM Web-Filtering receives a malformed SSL packet, it can cause an FPC crash and restart.

Recommendations Upgrade to Junos OS version 23.2R2-S5 or later. Upgrade to Junos OS version 23.4R2-S5 or later. Upgrade to Junos OS version 24.2R2-S2 or later. Upgrade to Junos OS version 24.4R1-S3 or later.