EX4500-LB
Announced in: EX4500 40F BF C EX4500 40F DC C EX4500 40F FB C EX4500 LB
Chassis
· EX Series
Is the EX4500-LB still supported?
No. Juniper ended support for the EX4500 40F BF C EX4500 40F DC C EX4500 40F FB C EX4500 LB on 2018-12-31. No further security fixes will be issued. See Juniper's lifecycle bulletin.
When does the EX4500-LB reach end of support?
Juniper support for the EX4500 40F BF C EX4500 40F DC C EX4500 40F FB C EX4500 LB ends on 2018-12-31.
What replaces the EX4500-LB?
Juniper has not published a successor model for the EX4500 40F BF C EX4500 40F DC C EX4500 40F FB C EX4500 LB.
What known-exploited CVEs apply to the EX4500-LB past end of support?
7 CVEs in CISA's Known Exploited Vulnerabilities catalog apply to the platform the EX4500 40F BF C EX4500 40F DC C EX4500 40F FB C EX4500 LB runs. These will not be patched on this device because it is past the Juniper security-support date. See the Known Exploited Vulnerabilities table below for the full list.
Known Exploited Vulnerabilities
This device is past Juniper's security-support date. 7 CVEs in CISA's Known Exploited Vulnerabilities catalog apply to the platform it runs. Juniper is not issuing patches for this model. Isolate, compensate, or refresh.
| CVE | KEV added | Vulnerability | Flags |
|---|---|---|---|
CVE-2025-21590
|
Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability | ||
CVE-2023-36844
|
Juniper Junos OS EX Series PHP External Variable Modification Vulnerability | ||
CVE-2023-36845
|
Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability | ||
CVE-2023-36846
|
Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability | ||
CVE-2023-36847
|
Juniper Junos OS EX Series Missing Authentication for Critical Function Vulnerability | ||
CVE-2023-36851
|
Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability | ||
CVE-2020-1631
|
Juniper Junos OS Path Traversal Vulnerability |
Source: CISA Known Exploited Vulnerabilities catalog. The Ransomware flag reflects CISA's own knownRansomwareCampaignUse field, set when the CVE has been observed in ransomware campaigns per their threat intel. It's not a property of the vulnerability description itself.
Correlation is at the platform level, not per-OS-version. Not exhaustive: KEV only lists actively-exploited CVEs and many relevant unexploited vulnerabilities are not here. Verify against vendor security advisories (PSIRT, JSA, PAN-SA) and NVD before acting. See compensating controls if refresh isn't immediate.
EX4500-LB Lifecycle Overview
The Juniper EX4500-LB (EX4500-LB) is a chassis product in the Juniper EX series. This product has reached end of life as of , meaning Juniper no longer provides technical support, software updates, or hardware replacement for this product. It was last available for purchase on . Organizations still running the EX4500-LB should plan a migration .
Lifecycle Milestones
| Lifecycle notice published | 12y 11mo ago | |
|---|---|---|
| End of sale | 12y 5mo ago | |
| Last date of support | 7y 5mo ago |
Additional Dates
| Last Warranty Conversion Date | 11y 5mo ago | |
|---|---|---|
| Same Day Support Discontinued Date | 10y 5mo ago | |
| Next Day Support Discontinued Date | 8y 5mo ago |