What is the severity of CVE-2026-21917?

CVE-2026-21917 has a CVSS v3 score of 7.5, which is classified as High severity.

Is there an exploit available for CVE-2026-21917?

No known public exploits are currently available for CVE-2026-21917.

Is there a patch available for CVE-2026-21917?

Yes, patches are available for CVE-2026-21917. Check the vendor advisories for update instructions.

CVE-2026-21917 - CVE Details, Severity, and Analysis

CVE-2026-21917 - CVE Details, Severity, and Analysis | Strobes VI

Severity Scores

CVSS v37.5

CVSS v20.0

Priority Score386.0

EPSS Score0.0

High

Exploitation LikelihoodMinimal

0.00%EPSS

Very low probability of exploitation

Monitor and patch as resources allow

0.00%

EPSS

7.5

CVSS

Exploit

Yes

Patch

Low Priority

no major risk factors

EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.

Description

An Improper Validation of Syntactic Correctness of Input vulnerability in the Web-Filtering module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).

If an SRX device configured for UTM Web-Filtering receives a specifically malformed SSL packet, this will cause an FPC crash and restart. This issue affects Junos OS on SRX Series:

23.2 versions from 23.2R2-S2 before 23.2R2-S5,
23.4 versions from 23.4R2-S1 before 23.4R2-S5,
24.2 versions before 24.2R2-S2,
24.4 versions before 24.4R1-S3, 24.4R2.

Earlier versions of Junos are also affected, but no fix is available.

CVSS v3 Breakdown

Attack Vector:Network

Attack Complexity:Local

Privileges Required:Network

User Interaction:Network

Scope:Unchanged

Confidentiality:Network

Integrity:Network

Availability:High

Patch References

[email protected][email protected]

Trend Analysis

Neutral

Vulnerable Products

Vendor	Product
Juniper	Junos
Juniper