Vulnerability-Lookup

CVE-2025-52964 (GCVE-0-2025-52964)

Vulnerability from cvelistv5 – Published: 2025-07-11 15:06 – Updated: 2025-07-14 16:35

Title

Junos OS and Junos OS Evolved: Receipt of a specific BGP UPDATE causes an rpd crash on devices with BGP multipath configured

Summary

A Reachable Assertion vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When the device receives a specific BGP UPDATE packet, the rpd crashes and restarts. Continuous receipt of this specific packet will cause a sustained DoS condition. For the issue to occur, BGP multipath with "pause-computation-during-churn" must be configured on the device, and the attacker must send the paths via a BGP UPDATE from a established BGP peer. This issue affects: Junos OS: * All versions before 21.4R3-S7, * from 22.3 before 22.3R3-S3, * from 22.4 before 22.4R3-S5, * from 23.2 before 23.2R2, * from 23.4 before 23.4R2. Junos OS Evolved: * All versions before 21.4R3-S7-EVO, * from 22.3 before 22.3R3-S3-EVO, * from 22.4 before 22.4R3-S5-EVO, * from 23.2 before 23.2R2-EVO, * from 23.4 before 23.4R2-EVO.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 (High)


                        
                          CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

CWE

CWE-617 - Reachable Assertion

Assigner

juniper

References

1 reference

URL	Tags
https://supportportal.juniper.net/JSA100080	vendor-advisory

Impacted products

2 products

Vendor	Product	Version
Juniper Networks	Junos OS	Affected: 0 , < 21.4R3-S7 (semver) Affected: 22.3 , < 22.3R3-S3 (semver) Affected: 22.4 , < 22.4R3-S5 (semver) Affected: 23.2 , < 23.2R2 (semver) Affected: 23.4 , < 23.4R2 (semver) Affected: 22.1 , < 22.1* (semver) Affected: 22.2 , < 22.2* (semver)
Juniper Networks	Junos OS Evolved	Affected: 0 , < 21.4R3-S7-EVO (semver) Affected: 22.3 , < 22.3R3-S3-EVO (semver) Affected: 22.4 , < 22.4R3-S5-EVO (semver) Affected: 23.2 , < 23.2R2-EVO (semver) Affected: 23.4 , < 23.4R2-EVO (semver)

Date Public ?

2025-07-09 16:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-52964",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-14T16:35:26.479336Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-14T16:35:31.358Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "21.4R3-S7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R3-S3",
              "status": "affected",
              "version": "22.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R3-S5",
              "status": "affected",
              "version": "22.4",
              "versionType": "semver"
            },
            {
              "lessThan": "23.2R2",
              "status": "affected",
              "version": "23.2",
              "versionType": "semver"
            },
            {
              "lessThan": "23.4R2",
              "status": "affected",
              "version": "23.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.1*",
              "status": "affected",
              "version": "22.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2*",
              "status": "affected",
              "version": "22.2",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Junos OS Evolved",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "21.4R3-S7-EVO",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R3-S3-EVO",
              "status": "affected",
              "version": "22.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R3-S5-EVO",
              "status": "affected",
              "version": "22.4",
              "versionType": "semver"
            },
            {
              "lessThan": "23.2R2-EVO",
              "status": "affected",
              "version": "23.2",
              "versionType": "semver"
            },
            {
              "lessThan": "23.4R2-EVO",
              "status": "affected",
              "version": "23.4",
              "versionType": "semver"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A sample BGP multipath configuration is shown below: \u003cbr\u003e\u003ctt\u003e[ protocols bgp group \u0026lt;name\u0026gt; multipath ]\u003cbr\u003e\u003cbr\u003e\u003c/tt\u003eRequired config command:\u003cbr\u003e\u003ctt\u003e[ pause-computation-during-churn ]\u003c/tt\u003e\u003ctt\u003e\u003cbr\u003e\u003c/tt\u003e"
            }
          ],
          "value": "A sample BGP multipath configuration is shown below: \n[ protocols bgp group \u003cname\u003e multipath ]\n\nRequired config command:\n[ pause-computation-during-churn ]"
        }
      ],
      "datePublic": "2025-07-09T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A Reachable Assertion vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\u003cbr\u003e\u003cbr\u003eWhen the device receives a specific BGP UPDATE packet, the rpd crashes and restarts. Continuous receipt of this specific packet will cause a sustained DoS condition.\u003cbr\u003e\u003cbr\u003eFor the issue to occur, BGP multipath with \"pause-computation-during-churn\" must be configured on the device, and the attacker must send the paths via a BGP UPDATE from a established BGP peer.\u003cbr\u003e\u003cbr\u003eThis issue affects:\u003cbr\u003eJunos OS: \u003cbr\u003e\u003cul\u003e\u003cli\u003eAll versions before 21.4R3-S7, \u003c/li\u003e\u003cli\u003efrom 22.3 before 22.3R3-S3, \u003c/li\u003e\u003cli\u003efrom 22.4 before 22.4R3-S5, \u003c/li\u003e\u003cli\u003efrom 23.2 before 23.2R2, \u003c/li\u003e\u003cli\u003efrom 23.4 before 23.4R2.\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003eJunos OS Evolved: \u003cbr\u003e\u003cul\u003e\u003cli\u003eAll versions before 21.4R3-S7-EVO, \u003c/li\u003e\u003cli\u003efrom 22.3 before 22.3R3-S3-EVO, \u003c/li\u003e\u003cli\u003efrom 22.4 before 22.4R3-S5-EVO, \u003c/li\u003e\u003cli\u003efrom 23.2 before 23.2R2-EVO, \u003c/li\u003e\u003cli\u003efrom 23.4 before 23.4R2-EVO.\u003c/li\u003e\u003c/ul\u003e"
            }
          ],
          "value": "A Reachable Assertion vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\n\nWhen the device receives a specific BGP UPDATE packet, the rpd crashes and restarts. Continuous receipt of this specific packet will cause a sustained DoS condition.\n\nFor the issue to occur, BGP multipath with \"pause-computation-during-churn\" must be configured on the device, and the attacker must send the paths via a BGP UPDATE from a established BGP peer.\n\nThis issue affects:\nJunos OS: \n  *  All versions before 21.4R3-S7, \n  *  from 22.3 before 22.3R3-S3, \n  *  from 22.4 before 22.4R3-S5, \n  *  from 23.2 before 23.2R2, \n  *  from 23.4 before 23.4R2.\n\n\n\nJunos OS Evolved: \n  *  All versions before 21.4R3-S7-EVO, \n  *  from 22.3 before 22.3R3-S3-EVO, \n  *  from 22.4 before 22.4R3-S5-EVO, \n  *  from 23.2 before 23.2R2-EVO, \n  *  from 23.4 before 23.4R2-EVO."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-617",
              "description": "CWE-617 Reachable Assertion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-11T15:06:49.951Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportportal.juniper.net/JSA100080"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The following software releases have been updated to resolve this specific issue: \u003cbr\u003eJunos OS: 21.4R3-S7, 22.3R3-S3, 22.4R3-S5, 23.2R2, 23.4R2, 24.2R1, and all subsequent releases.\u003cbr\u003eJunos OS Evolved: 21.4R3-S7-EVO, 22.3R3-S3-EVO, 22.4R3-S5-EVO, 23.2R2-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases.\u003cbr\u003e"
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue: \nJunos OS: 21.4R3-S7, 22.3R3-S3, 22.4R3-S5, 23.2R2, 23.4R2, 24.2R1, and all subsequent releases.\nJunos OS Evolved: 21.4R3-S7-EVO, 22.3R3-S3-EVO, 22.4R3-S5-EVO, 23.2R2-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA100080",
        "defect": [
          "1766960"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS and Junos OS Evolved: Receipt of a specific BGP UPDATE causes an rpd crash on devices with BGP multipath configured",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue can be mitigated by disabling the multipath computation pause command \"pause-computation-during-churn\".\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "This issue can be mitigated by disabling the multipath computation pause command \"pause-computation-during-churn\"."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2025-52964",
    "datePublished": "2025-07-11T15:06:49.951Z",
    "dateReserved": "2025-06-23T13:17:37.424Z",
    "dateUpdated": "2025-07-14T16:35:31.358Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-52964",
      "date": "2026-05-20",
      "epss": "0.00057",
      "percentile": "0.17685"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-52964\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2025-07-11T15:15:26.997\",\"lastModified\":\"2026-01-23T19:37:45.807\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Reachable Assertion vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\\n\\nWhen the device receives a specific BGP UPDATE packet, the rpd crashes and restarts. Continuous receipt of this specific packet will cause a sustained DoS condition.\\n\\nFor the issue to occur, BGP multipath with \\\"pause-computation-during-churn\\\" must be configured on the device, and the attacker must send the paths via a BGP UPDATE from a established BGP peer.\\n\\nThis issue affects:\\nJunos OS: \\n  *  All versions before 21.4R3-S7, \\n  *  from 22.3 before 22.3R3-S3, \\n  *  from 22.4 before 22.4R3-S5, \\n  *  from 23.2 before 23.2R2, \\n  *  from 23.4 before 23.4R2.\\n\\n\\n\\nJunos OS Evolved: \\n  *  All versions before 21.4R3-S7-EVO, \\n  *  from 22.3 before 22.3R3-S3-EVO, \\n  *  from 22.4 before 22.4R3-S5-EVO, \\n  *  from 23.2 before 23.2R2-EVO, \\n  *  from 23.4 before 23.4R2-EVO.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de aserci\u00f3n accesible en el daemon de protocolo de enrutamiento (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante no autenticado basado en la red provoque una denegaci\u00f3n de servicio (DoS). Cuando el dispositivo recibe un paquete BGP UPDATE espec\u00edfico, el rpd se bloquea y se reinicia. La recepci\u00f3n continua de este paquete espec\u00edfico provocar\u00e1 una condici\u00f3n de DoS sostenida. Para que esto ocurra, se debe configurar en el dispositivo la funci\u00f3n multitrayecto BGP con \\\"pausa-computaci\u00f3n-durante-la-rotaci\u00f3n\\\", y el atacante debe enviar las rutas mediante una actualizaci\u00f3n BGP desde un par BGP establecido. Este problema afecta a: Junos OS: * Todas las versiones anteriores a 21.4R3-S7, * desde la 22.3 hasta la 22.3R3-S3, * desde la 22.4 hasta la 22.4R3-S5, * desde la 23.2 hasta la 23.2R2, * desde la 23.4 hasta la 23.4R2. Junos OS Evolved: * Todas las versiones anteriores a 21.4R3-S7-EVO, * desde la 22.3 hasta la 22.3R3-S3-EVO, * desde la 22.4 hasta la 22.4R3-S5-EVO, * desde la 23.2 hasta la 23.2R2-EVO, * desde la 23.4 hasta la 23.4R2-EVO.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"LOW\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-617\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.4\",\"matchCriteriaId\":\"AA5E63CF-31E5-4391-896F-148F05DA6BFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"79ED3CE8-CC57-43AB-9A26-BBC87816062D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4310D2D9-A8A6-48F8-9384-0A0692A1E1C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9962B01C-C57C-4359-9532-676AB81CE8B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"62178549-B679-4902-BFDB-2993803B7FCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AD697DF-9738-4276-94ED-7B9380CD09F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"09FF5818-0803-4646-A386-D7C645EE58A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2229FA59-EB24-49A2-85CE-F529A8DE6BA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CB280D8-C5D8-4B51-A879-496ACCDE4538\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F3F54F1-75B3-400D-A735-2C27C8CEBE79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A5B196A-2AF1-4AE5-9148-A75A572807BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B457616-2D91-4913-9A7D-038BBF8F1F66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"C470FB4E-A927-4AF3-ACB0-AD1E264218B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"44E98BC3-1D43-481A-AB09-FFA502C36AAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"19519212-51DD-4448-B115-8A20A40192CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CC9909E-AE9F-414D-99B1-83AA04D5297B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDE9E767-4713-4EA2-8D00-1382975A4A15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"574730B0-56C8-4A03-867B-1737148ED9B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"20EBC676-1B26-4A71-8326-0F892124290A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB4C0FBF-8813-44E5-B71A-22CBAA603E2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BCDE58C-80CC-4C5A-9667-8A4468D8D76C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"19326769-2F08-4E61-8246-CCE7AE4483F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1379EF30-AF04-4F98-8328-52A631F24737\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"28E42A41-7965-456B-B0AF-9D3229CE4D4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB1A77D6-D3AD-481B-979C-8F778530B175\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A064B6B-A99B-4D8D-A62D-B00C7870BC30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"40813417-A938-4F74-A419-8C5188A35486\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FC1BA1A-DF0E-4B15-86BA-24C60E546732\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBB967BF-3495-476D-839A-9DBFCBE69F91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E5688D6-DCA4-4550-9CD1-A3D792252129\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8494546C-00EA-49B6-B6FA-FDE42CA5B1FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BB98579-FA33-4E41-A162-A46E9709FBD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"08E2562F-FB18-4347-8497-7D61B8157EBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"494D1D96-1DA2-4B0A-9536-1B5A4FDFCA09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A78CC80-E8B1-4CDA-BB35-A61833657FA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3B2FE1-C228-46BE-AC76-70C2687050AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1B16FF0-900F-4AEE-B670-A537139F6909\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B227E831-30FF-4BE1-B8B2-31829A5610A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"78481ABC-3620-410D-BC78-334657E0BB75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE8A5BA3-87BD-473A-B229-2AAB2C797005\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B74AC3E-8FC9-400A-A176-4F7F21F10756\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB2D1FCE-8019-4CE1-BA45-D62F91AF7B51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.4\",\"matchCriteriaId\":\"A51696D6-8503-4CBD-AD19-861E5BE94ED4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E907193-075E-45BC-9257-9607DB790D71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEDF46A8-FC3A-4779-B695-2CA11D045AEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"39809219-9F87-4583-9DAD-9415DD320B36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB299492-A919-4EBA-A62A-B3CF02FC0A95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"74ED0939-D5F8-4334-9838-40F29DE3597F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6937069-8C19-4B01-8415-ED7E9EAE2CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"97DB6DD5-F5DD-4AE1-AF2F-8DB9E18FF882\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"21DF05B8-EF7E-422F-8831-06904160714C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"492FCE45-68A1-4378-85D4-C4034FE0D836\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"522114CC-1505-4205-B4B8-797DE1BD833B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9D664AB-0FA7-49C7-B6E1-69C77652FBEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DB01252-2F11-41DB-9023-C74FD723334E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"F91450D5-F8CE-42EA-BB7E-312FCE024CD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE2EF84D-55A9-41DC-A324-69E1DC426D0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"433631CA-3AC4-4D66-9B46-AEA4209347F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E4CD8AD-277A-4FC5-A102-3E151060C216\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BC09BAC-83E7-48CE-B571-ED49277B2987\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA4481D2-F693-48A5-8DBC-E86430987A25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"136CA584-2475-4A14-9771-F367180201D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4546776C-A657-42E3-9A36-47F9F59A88AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"156DD8ED-CE6E-48C0-9E67-16B04767D62E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"10F9C2B1-BD81-4EDC-ADF5-4B0F39001C7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"61F649B0-0121-4760-9432-5F57214EFC2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A33C425-921F-4795-B834-608C8F1597E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"93887799-F62C-4A4A-BCF5-004D0B4D4154\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"62C473D2-2612-4480-82D8-8A24D0687BBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FB4C5CA-A709-4B13-A9E0-372098A72AD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"04CE952D-E3C1-4B34-9E65-EC52BFE887AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AE9D1A7-4721-4E1D-B965-FDC38126B1DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8643AA3-29EF-48A7-B033-CB60988E214B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9800BA03-E6BF-4212-B2E7-69C0FD27D294\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACCA655D-C542-44F1-B183-4C864CFF2D4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D499B19-A91A-4B76-B1CB-6A07A4CB212B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6B2830C-26EE-446E-B0C3-B5E43AD897B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C7367E6-B491-4A1F-B9D7-BC86A15A0773\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DEAA7FD-385F-4221-907E-65ABC16BE4BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDEC008A-3137-48D1-8ABC-6DB0EFC40E50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"558D234D-BC50-415F-86D6-8E19D6C3ACE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F4EEEE-77E9-4973-A770-99E7BA2F05F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D7F0D73-85EE-4A07-B51B-6BF52ECBA75E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE777A1F-9CD9-426E-AF1C-FBE01EB9A4A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7147BA60-30A5-4CED-9AAF-F6BEA0528B89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E5CE59B-14B2-4F4C-81B5-0430EC954956\"}]}]}],\"references\":[{\"url\":\"https://supportportal.juniper.net/JSA100080\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-52964\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-14T16:35:26.479336Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-11T20:12:11.253Z\"}}], \"cna\": {\"title\": \"Junos OS and Junos OS Evolved: Receipt of a specific BGP UPDATE causes an rpd crash on devices with BGP multipath configured\", \"source\": {\"defect\": [\"1766960\"], \"advisory\": \"JSA100080\", \"discovery\": \"USER\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 7.1, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"ADJACENT\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"LOW\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Juniper Networks\", \"product\": \"Junos OS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"21.4R3-S7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.3\", \"lessThan\": \"22.3R3-S3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.4\", \"lessThan\": \"22.4R3-S5\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.2\", \"lessThan\": \"23.2R2\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.4\", \"lessThan\": \"23.4R2\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.1\", \"lessThan\": \"22.1*\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.2\", \"lessThan\": \"22.2*\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Juniper Networks\", \"product\": \"Junos OS Evolved\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"21.4R3-S7-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.3\", \"lessThan\": \"22.3R3-S3-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.4\", \"lessThan\": \"22.4R3-S5-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.2\", \"lessThan\": \"23.2R2-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.4\", \"lessThan\": \"23.4R2-EVO\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"base64\": false}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"The following software releases have been updated to resolve this specific issue: \\nJunos OS: 21.4R3-S7, 22.3R3-S3, 22.4R3-S5, 23.2R2, 23.4R2, 24.2R1, and all subsequent releases.\\nJunos OS Evolved: 21.4R3-S7-EVO, 22.3R3-S3-EVO, 22.4R3-S5-EVO, 23.2R2-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The following software releases have been updated to resolve this specific issue: \u003cbr\u003eJunos OS: 21.4R3-S7, 22.3R3-S3, 22.4R3-S5, 23.2R2, 23.4R2, 24.2R1, and all subsequent releases.\u003cbr\u003eJunos OS Evolved: 21.4R3-S7-EVO, 22.3R3-S3-EVO, 22.4R3-S5-EVO, 23.2R2-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases.\u003cbr\u003e\", \"base64\": false}]}], \"datePublic\": \"2025-07-09T16:00:00.000Z\", \"references\": [{\"url\": \"https://supportportal.juniper.net/JSA100080\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"This issue can be mitigated by disabling the multipath computation pause command \\\"pause-computation-during-churn\\\".\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"This issue can be mitigated by disabling the multipath computation pause command \\\"pause-computation-during-churn\\\".\u003cbr\u003e\u003cbr\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A Reachable Assertion vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\\n\\nWhen the device receives a specific BGP UPDATE packet, the rpd crashes and restarts. Continuous receipt of this specific packet will cause a sustained DoS condition.\\n\\nFor the issue to occur, BGP multipath with \\\"pause-computation-during-churn\\\" must be configured on the device, and the attacker must send the paths via a BGP UPDATE from a established BGP peer.\\n\\nThis issue affects:\\nJunos OS: \\n  *  All versions before 21.4R3-S7, \\n  *  from 22.3 before 22.3R3-S3, \\n  *  from 22.4 before 22.4R3-S5, \\n  *  from 23.2 before 23.2R2, \\n  *  from 23.4 before 23.4R2.\\n\\n\\n\\nJunos OS Evolved: \\n  *  All versions before 21.4R3-S7-EVO, \\n  *  from 22.3 before 22.3R3-S3-EVO, \\n  *  from 22.4 before 22.4R3-S5-EVO, \\n  *  from 23.2 before 23.2R2-EVO, \\n  *  from 23.4 before 23.4R2-EVO.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A Reachable Assertion vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\u003cbr\u003e\u003cbr\u003eWhen the device receives a specific BGP UPDATE packet, the rpd crashes and restarts. Continuous receipt of this specific packet will cause a sustained DoS condition.\u003cbr\u003e\u003cbr\u003eFor the issue to occur, BGP multipath with \\\"pause-computation-during-churn\\\" must be configured on the device, and the attacker must send the paths via a BGP UPDATE from a established BGP peer.\u003cbr\u003e\u003cbr\u003eThis issue affects:\u003cbr\u003eJunos OS: \u003cbr\u003e\u003cul\u003e\u003cli\u003eAll versions before 21.4R3-S7, \u003c/li\u003e\u003cli\u003efrom 22.3 before 22.3R3-S3, \u003c/li\u003e\u003cli\u003efrom 22.4 before 22.4R3-S5, \u003c/li\u003e\u003cli\u003efrom 23.2 before 23.2R2, \u003c/li\u003e\u003cli\u003efrom 23.4 before 23.4R2.\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003eJunos OS Evolved: \u003cbr\u003e\u003cul\u003e\u003cli\u003eAll versions before 21.4R3-S7-EVO, \u003c/li\u003e\u003cli\u003efrom 22.3 before 22.3R3-S3-EVO, \u003c/li\u003e\u003cli\u003efrom 22.4 before 22.4R3-S5-EVO, \u003c/li\u003e\u003cli\u003efrom 23.2 before 23.2R2-EVO, \u003c/li\u003e\u003cli\u003efrom 23.4 before 23.4R2-EVO.\u003c/li\u003e\u003c/ul\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-617\", \"description\": \"CWE-617 Reachable Assertion\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"A sample BGP multipath configuration is shown below: \\n[ protocols bgp group \u003cname\u003e multipath ]\\n\\nRequired config command:\\n[ pause-computation-during-churn ]\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A sample BGP multipath configuration is shown below: \u003cbr\u003e\u003ctt\u003e[ protocols bgp group \u0026lt;name\u0026gt; multipath ]\u003cbr\u003e\u003cbr\u003e\u003c/tt\u003eRequired config command:\u003cbr\u003e\u003ctt\u003e[ pause-computation-during-churn ]\u003c/tt\u003e\u003ctt\u003e\u003cbr\u003e\u003c/tt\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"shortName\": \"juniper\", \"dateUpdated\": \"2025-07-11T15:06:49.951Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-52964\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-14T16:35:31.358Z\", \"dateReserved\": \"2025-06-23T13:17:37.424Z\", \"assignerOrgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"datePublished\": \"2025-07-11T15:06:49.951Z\", \"assignerShortName\": \"juniper\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2025-AVI-0583

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Juniper Networks	Apstra	Apstra versions antérieures à 6.0.0
Juniper Networks	Security Director	Security Director versions antérieures à 24.4.1-1703
Juniper Networks	CTPView	CTPview versions antérieures à 9.3R2
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 21.4R3-S7-EVO, 22.2R3-S6-EVO, 22.2R3-S7-EVO, 22.3R3-S3-EVO, 22.4R3-S5-EVO, 22.4R3-S6-EVO, 22.4R3-S7-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.2R2-S3-EVO, 23.2R2-S4-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 23.4R2-S4-EVO, 23.4R2-S5-EVO, 24.2R1-EVO, 24.2R2-EVO, 24.2R2-S1-EVO, 24.4R1-EVO, 24.4R1-S2-EVO, 24.4R1-S3-EVO, 24.4R2-EVO, 25.1R1-EVO et 25.2R1-EVO
Juniper Networks	Junos OS	Junos OS versions antérieures à 21.2R3-S9, 21.4R3-S10, 21.4R3-S11, 21.4R3-S7, 21.4R3-S8, 21.4R3-S9, 22.2R3-S1, 22.2R3-S4, 22.2R3-S5, 22.2R3-S6, 22.2R3-S7, 22.3R3-S3, 22.4R2, 22.4R3-S2, 22.4R3-S5, 22.4R3-S6, 22.4R3-S7, 23.2R1, 23.2R2, 23.2R2-S1, 23.2R2-S3, 23.2R2-S4, 23.4R1-S2, 23.4R2, 23.4R2-S3, 23.4R2-S4, 23.4R2-S5, 24.2R1, 24.2R1-S1, 24.2R1-S2, 24.2R2, 24.2R2-S1, 24.4R1, 24.4R1-S2, 24.4R1-S3, 24.4R2 et 25.2R1

References

Title

Publication Time

CERTFR-2025-AVI-0583

Vulnerability from certfr_avis - Published: - Updated:

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Juniper Networks	Apstra	Apstra versions antérieures à 6.0.0
Juniper Networks	Security Director	Security Director versions antérieures à 24.4.1-1703
Juniper Networks	CTPView	CTPview versions antérieures à 9.3R2
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 21.4R3-S7-EVO, 22.2R3-S6-EVO, 22.2R3-S7-EVO, 22.3R3-S3-EVO, 22.4R3-S5-EVO, 22.4R3-S6-EVO, 22.4R3-S7-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.2R2-S3-EVO, 23.2R2-S4-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 23.4R2-S4-EVO, 23.4R2-S5-EVO, 24.2R1-EVO, 24.2R2-EVO, 24.2R2-S1-EVO, 24.4R1-EVO, 24.4R1-S2-EVO, 24.4R1-S3-EVO, 24.4R2-EVO, 25.1R1-EVO et 25.2R1-EVO
Juniper Networks	Junos OS	Junos OS versions antérieures à 21.2R3-S9, 21.4R3-S10, 21.4R3-S11, 21.4R3-S7, 21.4R3-S8, 21.4R3-S9, 22.2R3-S1, 22.2R3-S4, 22.2R3-S5, 22.2R3-S6, 22.2R3-S7, 22.3R3-S3, 22.4R2, 22.4R3-S2, 22.4R3-S5, 22.4R3-S6, 22.4R3-S7, 23.2R1, 23.2R2, 23.2R2-S1, 23.2R2-S3, 23.2R2-S4, 23.4R1-S2, 23.4R2, 23.4R2-S3, 23.4R2-S4, 23.4R2-S5, 24.2R1, 24.2R1-S1, 24.2R1-S2, 24.2R2, 24.2R2-S1, 24.4R1, 24.4R1-S2, 24.4R1-S3, 24.4R2 et 25.2R1

References

Title

Publication Time

FKIE_CVE-2025-52964

Vulnerability from fkie_nvd - Published: 2025-07-11 15:15 - Updated: 2026-01-23 19:37

Severity ?

6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	sirt@juniper.net	https://supportportal.juniper.net/JSA100080	Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	junos	*
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	22.3
juniper	junos	22.3
juniper	junos	22.3
juniper	junos	22.3
juniper	junos	22.3
juniper	junos	22.3
juniper	junos	22.3
juniper	junos	22.3
juniper	junos	22.3
juniper	junos	22.3
juniper	junos	22.4
juniper	junos	22.4
juniper	junos	22.4
juniper	junos	22.4
juniper	junos	22.4
juniper	junos	22.4
juniper	junos	22.4
juniper	junos	22.4
juniper	junos	22.4
juniper	junos	22.4
juniper	junos	22.4
juniper	junos	22.4
juniper	junos	23.2
juniper	junos	23.2
juniper	junos	23.2
juniper	junos	23.2
juniper	junos	23.4
juniper	junos	23.4
juniper	junos	23.4
juniper	junos	23.4
juniper	junos_os_evolved	*
juniper	junos_os_evolved	21.4
juniper	junos_os_evolved	21.4
juniper	junos_os_evolved	21.4
juniper	junos_os_evolved	21.4
juniper	junos_os_evolved	21.4
juniper	junos_os_evolved	21.4
juniper	junos_os_evolved	21.4
juniper	junos_os_evolved	21.4
juniper	junos_os_evolved	21.4
juniper	junos_os_evolved	21.4
juniper	junos_os_evolved	21.4
juniper	junos_os_evolved	21.4
juniper	junos_os_evolved	21.4
juniper	junos_os_evolved	21.4
juniper	junos_os_evolved	22.3
juniper	junos_os_evolved	22.3
juniper	junos_os_evolved	22.3
juniper	junos_os_evolved	22.3
juniper	junos_os_evolved	22.3
juniper	junos_os_evolved	22.3
juniper	junos_os_evolved	22.3
juniper	junos_os_evolved	22.3
juniper	junos_os_evolved	22.3
juniper	junos_os_evolved	22.3
juniper	junos_os_evolved	22.4
juniper	junos_os_evolved	22.4
juniper	junos_os_evolved	22.4
juniper	junos_os_evolved	22.4
juniper	junos_os_evolved	22.4
juniper	junos_os_evolved	22.4
juniper	junos_os_evolved	22.4
juniper	junos_os_evolved	22.4
juniper	junos_os_evolved	22.4
juniper	junos_os_evolved	22.4
juniper	junos_os_evolved	22.4
juniper	junos_os_evolved	22.4
juniper	junos_os_evolved	23.2
juniper	junos_os_evolved	23.2
juniper	junos_os_evolved	23.2
juniper	junos_os_evolved	23.2
juniper	junos_os_evolved	23.4
juniper	junos_os_evolved	23.4
juniper	junos_os_evolved	23.4
juniper	junos_os_evolved	23.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA5E63CF-31E5-4391-896F-148F05DA6BFE",
              "versionEndExcluding": "21.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
              "matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*",
              "matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*",
              "matchCriteriaId": "C470FB4E-A927-4AF3-ACB0-AD1E264218B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s6:*:*:*:*:*:*",
              "matchCriteriaId": "44E98BC3-1D43-481A-AB09-FFA502C36AAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "20EBC676-1B26-4A71-8326-0F892124290A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "FB4C0FBF-8813-44E5-B71A-22CBAA603E2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.3:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "8BCDE58C-80CC-4C5A-9667-8A4468D8D76C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.3:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "19326769-2F08-4E61-8246-CCE7AE4483F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "EBB967BF-3495-476D-839A-9DBFCBE69F91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*",
              "matchCriteriaId": "7E5688D6-DCA4-4550-9CD1-A3D792252129",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "8494546C-00EA-49B6-B6FA-FDE42CA5B1FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "8BB98579-FA33-4E41-A162-A46E9709FBD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "08E2562F-FB18-4347-8497-7D61B8157EBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s4:*:*:*:*:*:*",
              "matchCriteriaId": "494D1D96-1DA2-4B0A-9536-1B5A4FDFCA09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "1A78CC80-E8B1-4CDA-BB35-A61833657FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "F1B16FF0-900F-4AEE-B670-A537139F6909",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "B227E831-30FF-4BE1-B8B2-31829A5610A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "78481ABC-3620-410D-BC78-334657E0BB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "BE8A5BA3-87BD-473A-B229-2AAB2C797005",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "8B74AC3E-8FC9-400A-A176-4F7F21F10756",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "CB2D1FCE-8019-4CE1-BA45-D62F91AF7B51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A51696D6-8503-4CBD-AD19-861E5BE94ED4",
              "versionEndExcluding": "21.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "CEDF46A8-FC3A-4779-B695-2CA11D045AEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "39809219-9F87-4583-9DAD-9415DD320B36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "DB299492-A919-4EBA-A62A-B3CF02FC0A95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "74ED0939-D5F8-4334-9838-40F29DE3597F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "C6937069-8C19-4B01-8415-ED7E9EAE2CE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:*:*:*:*:*:*",
              "matchCriteriaId": "97DB6DD5-F5DD-4AE1-AF2F-8DB9E18FF882",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "21DF05B8-EF7E-422F-8831-06904160714C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "492FCE45-68A1-4378-85D4-C4034FE0D836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "522114CC-1505-4205-B4B8-797DE1BD833B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4:*:*:*:*:*:*",
              "matchCriteriaId": "C9D664AB-0FA7-49C7-B6E1-69C77652FBEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s5:*:*:*:*:*:*",
              "matchCriteriaId": "9DB01252-2F11-41DB-9023-C74FD723334E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s6:*:*:*:*:*:*",
              "matchCriteriaId": "F91450D5-F8CE-42EA-BB7E-312FCE024CD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "BE2EF84D-55A9-41DC-A324-69E1DC426D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "433631CA-3AC4-4D66-9B46-AEA4209347F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "6E4CD8AD-277A-4FC5-A102-3E151060C216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "4BC09BAC-83E7-48CE-B571-ED49277B2987",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "FA4481D2-F693-48A5-8DBC-E86430987A25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "136CA584-2475-4A14-9771-F367180201D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "4546776C-A657-42E3-9A36-47F9F59A88AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "156DD8ED-CE6E-48C0-9E67-16B04767D62E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "10F9C2B1-BD81-4EDC-ADF5-4B0F39001C7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "61F649B0-0121-4760-9432-5F57214EFC2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "04CE952D-E3C1-4B34-9E65-EC52BFE887AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "8AE9D1A7-4721-4E1D-B965-FDC38126B1DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "A8643AA3-29EF-48A7-B033-CB60988E214B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*",
              "matchCriteriaId": "9800BA03-E6BF-4212-B2E7-69C0FD27D294",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "ACCA655D-C542-44F1-B183-4C864CFF2D4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "6D499B19-A91A-4B76-B1CB-6A07A4CB212B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "B6B2830C-26EE-446E-B0C3-B5E43AD897B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s4:*:*:*:*:*:*",
              "matchCriteriaId": "1C7367E6-B491-4A1F-B9D7-BC86A15A0773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "6DEAA7FD-385F-4221-907E-65ABC16BE4BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "DDEC008A-3137-48D1-8ABC-6DB0EFC40E50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "558D234D-BC50-415F-86D6-8E19D6C3ACE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "33F4EEEE-77E9-4973-A770-99E7BA2F05F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "9D7F0D73-85EE-4A07-B51B-6BF52ECBA75E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FE777A1F-9CD9-426E-AF1C-FBE01EB9A4A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "7147BA60-30A5-4CED-9AAF-F6BEA0528B89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "6E5CE59B-14B2-4F4C-81B5-0430EC954956",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Reachable Assertion vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\n\nWhen the device receives a specific BGP UPDATE packet, the rpd crashes and restarts. Continuous receipt of this specific packet will cause a sustained DoS condition.\n\nFor the issue to occur, BGP multipath with \"pause-computation-during-churn\" must be configured on the device, and the attacker must send the paths via a BGP UPDATE from a established BGP peer.\n\nThis issue affects:\nJunos OS: \n  *  All versions before 21.4R3-S7, \n  *  from 22.3 before 22.3R3-S3, \n  *  from 22.4 before 22.4R3-S5, \n  *  from 23.2 before 23.2R2, \n  *  from 23.4 before 23.4R2.\n\n\n\nJunos OS Evolved: \n  *  All versions before 21.4R3-S7-EVO, \n  *  from 22.3 before 22.3R3-S3-EVO, \n  *  from 22.4 before 22.4R3-S5-EVO, \n  *  from 23.2 before 23.2R2-EVO, \n  *  from 23.4 before 23.4R2-EVO."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de aserci\u00f3n accesible en el daemon de protocolo de enrutamiento (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante no autenticado basado en la red provoque una denegaci\u00f3n de servicio (DoS). Cuando el dispositivo recibe un paquete BGP UPDATE espec\u00edfico, el rpd se bloquea y se reinicia. La recepci\u00f3n continua de este paquete espec\u00edfico provocar\u00e1 una condici\u00f3n de DoS sostenida. Para que esto ocurra, se debe configurar en el dispositivo la funci\u00f3n multitrayecto BGP con \"pausa-computaci\u00f3n-durante-la-rotaci\u00f3n\", y el atacante debe enviar las rutas mediante una actualizaci\u00f3n BGP desde un par BGP establecido. Este problema afecta a: Junos OS: * Todas las versiones anteriores a 21.4R3-S7, * desde la 22.3 hasta la 22.3R3-S3, * desde la 22.4 hasta la 22.4R3-S5, * desde la 23.2 hasta la 23.2R2, * desde la 23.4 hasta la 23.4R2. Junos OS Evolved: * Todas las versiones anteriores a 21.4R3-S7-EVO, * desde la 22.3 hasta la 22.3R3-S3-EVO, * desde la 22.4 hasta la 22.4R3-S5-EVO, * desde la 23.2 hasta la 23.2R2-EVO, * desde la 23.4 hasta la 23.4R2-EVO."
    }
  ],
  "id": "CVE-2025-52964",
  "lastModified": "2026-01-23T19:37:45.807",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "ADJACENT",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "LOW",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "sirt@juniper.net",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-11T15:15:26.997",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://supportportal.juniper.net/JSA100080"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-617"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Secondary"
    }
  ]
}

GHSA-JRX6-PJGP-JH2Q

Vulnerability from github – Published: 2025-07-11 15:31 – Updated: 2025-07-11 15:31

Details

When the device receives a specific BGP UPDATE packet, the rpd crashes and restarts. Continuous receipt of this specific packet will cause a sustained DoS condition.

For the issue to occur, BGP multipath with "pause-computation-during-churn" must be configured on the device, and the attacker must send the paths via a BGP UPDATE from a established BGP peer.

This issue affects: Junos OS: * All versions before 21.4R3-S7, * from 22.3 before 22.3R3-S3, * from 22.4 before 22.4R3-S5, * from 23.2 before 23.2R2, * from 23.4 before 23.4R2.

Junos OS Evolved: * All versions before 21.4R3-S7-EVO, * from 22.3 before 22.3R3-S3-EVO, * from 22.4 before 22.4R3-S5-EVO, * from 23.2 before 23.2R2-EVO, * from 23.4 before 23.4R2-EVO.

Severity ?

6.5 (Medium)


                  
                    CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 (High)


                  
                    CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-52964"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-11T15:15:26Z",
    "severity": "HIGH"
  },
  "details": "A Reachable Assertion vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\n\nWhen the device receives a specific BGP UPDATE packet, the rpd crashes and restarts. Continuous receipt of this specific packet will cause a sustained DoS condition.\n\nFor the issue to occur, BGP multipath with \"pause-computation-during-churn\" must be configured on the device, and the attacker must send the paths via a BGP UPDATE from a established BGP peer.\n\nThis issue affects:\nJunos OS: \n  *  All versions before 21.4R3-S7, \n  *  from 22.3 before 22.3R3-S3, \n  *  from 22.4 before 22.4R3-S5, \n  *  from 23.2 before 23.2R2, \n  *  from 23.4 before 23.4R2.\n\n\n\nJunos OS Evolved: \n  *  All versions before 21.4R3-S7-EVO, \n  *  from 22.3 before 22.3R3-S3-EVO, \n  *  from 22.4 before 22.4R3-S5-EVO, \n  *  from 23.2 before 23.2R2-EVO, \n  *  from 23.4 before 23.4R2-EVO.",
  "id": "GHSA-jrx6-pjgp-jh2q",
  "modified": "2025-07-11T15:31:39Z",
  "published": "2025-07-11T15:31:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52964"
    },
    {
      "type": "WEB",
      "url": "https://supportportal.juniper.net/JSA100080"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

WID-SEC-W-2025-1519

Vulnerability from csaf_certbund - Published: 2025-07-09 22:00 - Updated: 2025-10-08 22:00

Summary

Juniper JUNOS: Mehrere Schwachstellen ermöglichen Privilegieneskalation

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: JUNOS ist das "Juniper Network Operating System", das in Juniper Appliances verwendet wird. Die Juniper MX-Serie ist eine Produktfamilie von Routern. SRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper. Juniper Security Director ermöglicht die Verwaltung und Kontrolle von Sicherheitsrichtlinien für lokale Infrastrukturen über eine zentrale, webbasierte Benutzeroberfläche.

Angriff: Ein entfernter Angreifer kann mehrere Schwachstellen in Juniper JUNOS, Juniper MX Series, Juniper SRX Series und Juniper Security Director ausnutzen, um Daten zu manipulieren oder offenzulegen, Sicherheitsmaßnahmen zu umgehen, Code auszuführen, einen Denial of Service zu verursachen oder seine Privilegien zu erweitern.

Betroffene Betriebssysteme: - Juniper Appliance

CVE-2024-3596

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-26466

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-30661

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52946

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52947

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52948

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52949

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52950

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52951

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52952

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52953

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52954

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52955

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52958

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52963

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52964

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52980

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52981

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52982

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52983

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52984

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52985

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52986

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52988

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-52989

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

CVE-2025-6549

Affected products

Known affected 7 products

Product	Identifier	Version
Juniper JUNOS Evolved Juniper / JUNOS	`cpe:/o:juniper:junos:evolved`	Evolved
Juniper SRX Series Juniper	`cpe:/h:juniper:srx_service_gateways:-`	—
Juniper Security Director Juniper	`cpe:/a:juniper:security_director:-`	—
Juniper MX Series Juniper	`cpe:/h:juniper:mx:-`	—
Juniper Junos Space <24.1R4 Juniper / Junos Space		<24.1R4
Juniper Junos Space Security Director <24.1R4 Juniper / Junos Space		Security Director <24.1R4
Juniper JUNOS Juniper / JUNOS	`cpe:/o:juniper:junos:-`	—

References

34 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://supportportal.juniper.net/s/global-search…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external
https://supportportal.juniper.net/s/article/2025-…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.\r\nDie Juniper MX-Serie ist eine Produktfamilie von Routern.\r\nSRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper.\r\nJuniper Security Director erm\u00f6glicht die Verwaltung und Kontrolle von Sicherheitsrichtlinien f\u00fcr lokale Infrastrukturen \u00fcber eine zentrale, webbasierte Benutzeroberfl\u00e4che.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter Angreifer kann mehrere Schwachstellen in Juniper JUNOS, Juniper MX Series, Juniper SRX Series und Juniper Security Director ausnutzen, um Daten zu manipulieren oder offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, Code auszuf\u00fchren, einen Denial of Service zu verursachen oder seine Privilegien zu erweitern.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Juniper Appliance",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1519 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1519.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1519 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1519"
      },
      {
        "category": "external",
        "summary": "Juniper Security Advisories vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/global-search/%40uri?language=en_US#sortCriteria=date%20descending\u0026f-sf_primarysourcename=Knowledge\u0026f-sf_articletype=Security%20Advisories\u0026numberOfResults=30"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2024-3596 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Vulnerability-in-the-RADIUS-protocol-for-Subscriber-Management-Blast-RADIUS-CVE-2024-3596"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-26466-resolved-in-9-3R2-release vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-CTPView-OpenSSH-vulnerability-CVE-2025-26466-resolved-in-9-3R2-release"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-30661 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Low-privileged-user-can-cause-script-to-run-as-root-leading-to-privilege-escalation-CVE-2025-30661"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52946 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-traceoptions-enabled-receipt-of-malformed-AS-PATH-causes-RPD-crash-CVE-2025-52946"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52947 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-ACX-Series-When-hot-standby-mode-is-configured-for-an-L2-circuit-interface-flap-causes-the-FEB-to-crash"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52948 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Specific-unknown-traffic-pattern-causes-FPC-and-system-to-crash-when-packet-capturing-is-enabled-CVE-2025-52948"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52949 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-EVPN-environment-receipt-of-a-specifically-malformed-BGP-update-causes-RPD-crash-CVE-2025-52949"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52950 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Juniper-Security-Director-Insufficient-authorization-for-multiple-endpoints-in-web-interface-CVE-2025-52950"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52951 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-IPv6-firewall-filter-fails-to-match-payload-protocol-CVE-2025-52951"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52952 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-MX-Series-with-MPC-BUILTIN-MPC-1-through-MPC-9-Receipt-and-processing-of-a-malformed-packet-causes-one-or-more-FPCs-to-crash-CVE-2025-52952"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52953 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-unauthenticated-adjacent-attacker-sending-a-valid-BGP-UPDATE-packet-forces-a-BGP-session-reset-CVE-2025-52953"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52954 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Evolved-A-low-privileged-user-can-execute-CLI-commands-and-modify-the-configuration-compromise-the-system-CVE-2025-52954"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52955 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-When-jflow-sflow-is-enabled-receipt-of-specific-route-updates-causes-rpd-crash-CVE-2025-52955"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52958 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-route-validation-is-enabled-BGP-connection-establishment-failure-causes-RPD-crash-CVE-2025-52958"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52963 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-A-low-privileged-user-can-disable-an-interface-CVE-2025-52963"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52964 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-BGP-UPDATE-causes-an-rpd-crash-on-devices-with-BGP-multipath-configured-CVE-2025-52964"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52980 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-SRX300-Series-Upon-receiving-a-specific-valid-BGP-UPDATE-message-rpd-will-crash-CVE-2025-52980"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52981 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-SRX-Series-Sequence-of-specific-PIM-packets-causes-a-flowd-crash-CVE-2025-52981"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52982 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-MX-Series-When-specific-SIP-packets-are-processed-the-MS-MPC-will-crash-CVE-2025-52982"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52983 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-After-removing-ssh-public-key-authentication-root-can-still-log-in-CVE-2025-52983"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52984 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-a-static-route-points-to-an-unreachable-next-hop-and-a-gNMI-query-for-this-route-is-processed-RPD-crashes-CVE-2025-52984"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52985 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Evolved-When-a-control-plane-firewall-filter-refers-to-a-prefix-list-with-more-then-10-entries-it-s-not-matching-CVE-2025-52985"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52986 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-RIB-sharding-is-configured-each-time-a-show-command-is-executed-RPD-memory-leaks-CVE-2025-52986"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52988 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Privilege-escalation-via-CLI-command-request-system-logout-CVE-2025-52988"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-52989 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Annotate-configuration-command-can-be-used-for-privilege-escalation-CVE-2025-52989"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin CVE-2025-6549 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-SRX-Series-J-Web-can-be-exposed-on-additional-interfaces-CVE-2025-6549"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin VU#199397 vom 2025-07-09",
        "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-for-Insecure-Implementation-of-Tunneling-Protocols-GRE-IPIP-4in6-6in4-VU-199397"
      },
      {
        "category": "external",
        "summary": "Juniper Security Advisory JSA103141 vom 2024-10-08",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R4-release"
      },
      {
        "category": "external",
        "summary": "Juniper Security Advisory JSA103139 vom 2024-10-08",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-24-1R4"
      },
      {
        "category": "external",
        "summary": "Juniper Security Advisory JSA103138 vom 2024-10-08",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-24-1R4-by-upgrading-Log4j-Java-library-to-2-23-1-and-ElasticSearch-to-6-8-17"
      },
      {
        "category": "external",
        "summary": "Juniper Security Advisory JSA103140 vom 2024-10-08",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Multiple-XSS-vulnerabilities-resolved-in-24-1R4-release"
      }
    ],
    "source_lang": "en-US",
    "title": "Juniper JUNOS: Mehrere Schwachstellen erm\u00f6glichen Privilegieneskalation",
    "tracking": {
      "current_release_date": "2025-10-08T22:00:00.000+00:00",
      "generator": {
        "date": "2025-10-09T07:29:59.775+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-1519",
      "initial_release_date": "2025-07-09T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-07-09T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-07-13T22:00:00.000+00:00",
          "number": "2",
          "summary": "Referenz(en) aufgenommen: EUVD-2025-21162, EUVD-2025-21161, EUVD-2025-21160, EUVD-2025-21158, EUVD-2025-21157, EUVD-2025-21165, EUVD-2025-21167, EUVD-2025-21156, EUVD-2025-21155, EUVD-2025-21166, EUVD-2025-21163"
        },
        {
          "date": "2025-10-08T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Juniper aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Juniper JUNOS",
                "product": {
                  "name": "Juniper JUNOS",
                  "product_id": "T032362",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:juniper:junos:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Evolved",
                "product": {
                  "name": "Juniper JUNOS Evolved",
                  "product_id": "T042696",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:juniper:junos:evolved"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "JUNOS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Security Director \u003c24.1R4",
                "product": {
                  "name": "Juniper Junos Space Security Director \u003c24.1R4",
                  "product_id": "T047484"
                }
              },
              {
                "category": "product_version",
                "name": "Security Director 24.1R4",
                "product": {
                  "name": "Juniper Junos Space Security Director 24.1R4",
                  "product_id": "T047484-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:juniper:junos_space:24.1r4::security_director"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c24.1R4",
                "product": {
                  "name": "Juniper Junos Space \u003c24.1R4",
                  "product_id": "T047485"
                }
              },
              {
                "category": "product_version",
                "name": "24.1R4",
                "product": {
                  "name": "Juniper Junos Space 24.1R4",
                  "product_id": "T047485-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:juniper:junos_space:24.1r4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Junos Space"
          },
          {
            "category": "product_name",
            "name": "Juniper MX Series",
            "product": {
              "name": "Juniper MX Series",
              "product_id": "918766",
              "product_identification_helper": {
                "cpe": "cpe:/h:juniper:mx:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Juniper SRX Series",
            "product": {
              "name": "Juniper SRX Series",
              "product_id": "T045305",
              "product_identification_helper": {
                "cpe": "cpe:/h:juniper:srx_service_gateways:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Juniper Security Director",
            "product": {
              "name": "Juniper Security Director",
              "product_id": "T045307",
              "product_identification_helper": {
                "cpe": "cpe:/a:juniper:security_director:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Juniper"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-3596",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2024-3596"
    },
    {
      "cve": "CVE-2025-26466",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-26466"
    },
    {
      "cve": "CVE-2025-30661",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-30661"
    },
    {
      "cve": "CVE-2025-52946",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52946"
    },
    {
      "cve": "CVE-2025-52947",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52947"
    },
    {
      "cve": "CVE-2025-52948",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52948"
    },
    {
      "cve": "CVE-2025-52949",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52949"
    },
    {
      "cve": "CVE-2025-52950",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52950"
    },
    {
      "cve": "CVE-2025-52951",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52951"
    },
    {
      "cve": "CVE-2025-52952",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52952"
    },
    {
      "cve": "CVE-2025-52953",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52953"
    },
    {
      "cve": "CVE-2025-52954",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52954"
    },
    {
      "cve": "CVE-2025-52955",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52955"
    },
    {
      "cve": "CVE-2025-52958",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52958"
    },
    {
      "cve": "CVE-2025-52963",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52963"
    },
    {
      "cve": "CVE-2025-52964",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52964"
    },
    {
      "cve": "CVE-2025-52980",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52980"
    },
    {
      "cve": "CVE-2025-52981",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52981"
    },
    {
      "cve": "CVE-2025-52982",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52982"
    },
    {
      "cve": "CVE-2025-52983",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52983"
    },
    {
      "cve": "CVE-2025-52984",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52984"
    },
    {
      "cve": "CVE-2025-52985",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52985"
    },
    {
      "cve": "CVE-2025-52986",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52986"
    },
    {
      "cve": "CVE-2025-52988",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52988"
    },
    {
      "cve": "CVE-2025-52989",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-52989"
    },
    {
      "cve": "CVE-2025-6549",
      "product_status": {
        "known_affected": [
          "T042696",
          "T045305",
          "T045307",
          "918766",
          "T047485",
          "T047484",
          "T032362"
        ]
      },
      "release_date": "2025-07-09T22:00:00.000+00:00",
      "title": "CVE-2025-6549"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-52964 (GCVE-0-2025-52964)

CERTFR-2025-AVI-0583

Solutions

CERTFR-2025-AVI-0583

Solutions

FKIE_CVE-2025-52964

GHSA-JRX6-PJGP-JH2Q

WID-SEC-W-2025-1519

Tags

Sightings

Nomenclature