COOEY // HUBcompliance · community · intelligence

FAIL › dossier

Juniper Networks company FedRAMP market

FedRAMP provider ·

8
failure events
0
zero-days
2
RCEs
8
on KEV
0
critical
65
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 8 events

DateEventSevFlagsShameSummary
2025-03-13 CVE-2025-21590 high ⚡RCE ⌖KEV 65 Juniper Junos OS contains an improper isolation or compartmentalization vulnerability. This vulnerability could allows a local attacker with high privileges to inject arbitrary code.
2022-03-25 CVE-2020-1631 high ⚡RCE ⌖KEV 65 A path traversal vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform remote code execution.
2025-10-02 CVE-2015-7755 high ⌖KEV 50 Juniper ScreenOS contains an improper authentication vulnerability that could allow unauthorized remote administrative access to the device.
2023-11-13 CVE-2023-36846 high ⌖KEV 50 Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to user.php that doesn't require authenticatio
2023-11-13 CVE-2023-36847 high ⌖KEV 50 Juniper Junos OS on EX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require a
2023-11-13 CVE-2023-36844 high ⌖KEV 50 Juniper Junos OS on EX Series contains a PHP external variable modification vulnerability that allows an unauthenticated, network-based attacker to control certain, important environment variables. Using a crafted request an attacker is able to modify certain PHP environment vari
2023-11-13 CVE-2023-36845 high ⌖KEV 50 Juniper Junos OS on EX Series and SRX Series contains a PHP external variable modification vulnerability that allows an unauthenticated, network-based attacker to control an important environment variable. Using a crafted request, which sets the variable PHPRC, an attacker is abl
2023-11-13 CVE-2023-36851 high ⌖KEV 50 Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require

FedRAMP catalog products 1

ProductStatusImpact
Juniper Mist In Process Moderate