Vulnerability Details CVE-2026-21907
A Use of a Broken or Risky Cryptographic Algorithm vulnerability in the TLS/SSL server of Juniper Networks Junos Space allows the use of static key ciphers (ssl-static-key-ciphers), reducing the confidentiality of on-path traffic communicated across the connection. These ciphers also do not support Perfect Forward Secrecy (PFS), affecting the long-term confidentiality of encrypted communications.This issue affects all versions of Junos Space before 24.1R5.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.3%
CVSS Severity
CVSS v3 Score 5.9
Products affected by CVE-2026-21907
-
cpe:2.3:a:juniper:junos_space:-
-
cpe:2.3:a:juniper:junos_space:1.0
-
cpe:2.3:a:juniper:junos_space:1.1
-
cpe:2.3:a:juniper:junos_space:1.2
-
cpe:2.3:a:juniper:junos_space:1.3
-
cpe:2.3:a:juniper:junos_space:1.4
-
cpe:2.3:a:juniper:junos_space:11.1
-
cpe:2.3:a:juniper:junos_space:11.2
-
cpe:2.3:a:juniper:junos_space:11.3
-
cpe:2.3:a:juniper:junos_space:11.4
-
cpe:2.3:a:juniper:junos_space:12.1
-
cpe:2.3:a:juniper:junos_space:12.2
-
cpe:2.3:a:juniper:junos_space:12.3
-
cpe:2.3:a:juniper:junos_space:13.1
-
cpe:2.3:a:juniper:junos_space:13.3
-
cpe:2.3:a:juniper:junos_space:14.1
-
cpe:2.3:a:juniper:junos_space:15.1
-
cpe:2.3:a:juniper:junos_space:15.2
-
cpe:2.3:a:juniper:junos_space:16.1
-
cpe:2.3:a:juniper:junos_space:16.1r3
-
cpe:2.3:a:juniper:junos_space:17.1
-
cpe:2.3:a:juniper:junos_space:17.2
-
cpe:2.3:a:juniper:junos_space:18.1
-
cpe:2.3:a:juniper:junos_space:18.1r1
-
cpe:2.3:a:juniper:junos_space:18.2
-
cpe:2.3:a:juniper:junos_space:18.3
-
cpe:2.3:a:juniper:junos_space:18.4
-
cpe:2.3:a:juniper:junos_space:19.1
-
cpe:2.3:a:juniper:junos_space:2.0
-
cpe:2.3:a:juniper:junos_space:24.1