Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-52984 (GCVE-0-2025-52984)
Vulnerability from cvelistv5 – Published: 2025-07-11 15:09 – Updated: 2025-07-15 19:55
VLAI?
EPSS
Title
Junos OS and Junos OS Evolved: When a static route points to a reject next-hop and a gNMI query for this route is processed, RPD crashes
Summary
A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device.
When static route points to a reject next hop and a gNMI query is processed for that static route, rpd crashes and restarts.
This issue affects:
Junos OS: * all versions before 21.2R3-S9,
* 21.4 versions before 21.4R3-S10,
* 22.2 versions before 22.2R3-S6,
* 22.4 versions before 22.4R3-S6,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2-S4,
* 24.2 versions before 24.2R1-S2, 24.2R2;
Junos OS Evolved:
* all versions before 22.4R3-S7-EVO,
* 23.2-EVO
versions before 23.2R2-S3-EVO,
* 23.4-EVO versions before 23.4R2-S4-EVO,
* 24.2-EVO versions before 24.2R2-EVO.
Severity ?
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://supportportal.juniper.net/JSA100090 | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Juniper Networks | Junos OS |
Affected:
0 , < 21.2R3-S9
(semver)
Affected: 21.4 , < 21.4R3-S10 (semver) Affected: 22.2 , < 22.2R3-S6 (semver) Affected: 22.4 , < 22.4R3-S6 (semver) Affected: 23.2 , < 23.2R2-S3 (semver) Affected: 23.4 , < 23.4R2-S4 (semver) Affected: 24.2 , < 24.2R1-S2, 24.2R2 (semver) |
|
| Juniper Networks | Junos OS Evolved |
Affected:
0 , < 22.4R3-S7-EVO
(semver)
Affected: 23.2-EVO , < 23.2R2-S3-EVO (semver) Affected: 23.4-EVO , < 23.4R2-S4-EVO (semver) Affected: 24.2-EVO , < 24.2R2-EVO (semver) |
Date Public ?
2025-07-09 16:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-52984",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-11T16:04:49.396427Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T19:55:22.722Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.2R3-S9",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "21.4R3-S10",
"status": "affected",
"version": "21.4",
"versionType": "semver"
},
{
"lessThan": "22.2R3-S6",
"status": "affected",
"version": "22.2",
"versionType": "semver"
},
{
"lessThan": "22.4R3-S6",
"status": "affected",
"version": "22.4",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S3",
"status": "affected",
"version": "23.2",
"versionType": "semver"
},
{
"lessThan": "23.4R2-S4",
"status": "affected",
"version": "23.4",
"versionType": "semver"
},
{
"lessThan": "24.2R1-S2, 24.2R2",
"status": "affected",
"version": "24.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "22.4R3-S7-EVO",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "23.2R2-S3-EVO",
"status": "affected",
"version": "23.2-EVO",
"versionType": "semver"
},
{
"lessThan": "23.4R2-S4-EVO",
"status": "affected",
"version": "23.4-EVO",
"versionType": "semver"
},
{
"lessThan": "24.2R2-EVO",
"status": "affected",
"version": "24.2-EVO",
"versionType": "semver"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "To be exposed to this issue the system needs to be configured for GRPC:\u003cbr\u003e\u003ctt\u003e\u003cbr\u003e[ system services extension-service request-response grpc ]\u003cbr\u003e\u003c/tt\u003e\u003cbr\u003eand a static route needs to point to a reject next-hop as shown in the following example:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003e\u003ctt\u003e[ routing-options static route 192.0.2.0/24 next-hop 198.51.100.1 resolve ]\n\u003cbr\u003e\u003ctt\u003e[ routing-options static route 198.51.100.1/32 reject]\u003c/tt\u003e\u003c/tt\u003e\u003c/tt\u003e"
}
],
"value": "To be exposed to this issue the system needs to be configured for GRPC:\n\n[ system services extension-service request-response grpc ]\n\nand a static route needs to point to a reject next-hop as shown in the following example:\n\n[ routing-options static route 192.0.2.0/24 next-hop 198.51.100.1 resolve ]\n\n[ routing-options static route 198.51.100.1/32 reject]"
}
],
"datePublic": "2025-07-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device.\u003cbr\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWhen static route points to a\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ereject\u003c/span\u003e\u0026nbsp;next hop and a gNMI query is processed for that static route,\u0026nbsp;\u003c/span\u003erpd crashes and restarts.\u003cbr\u003e\u003cbr\u003eThis issue affects:\u003cbr\u003e\u003cbr\u003eJunos OS:\u0026nbsp;\u003cul\u003e\u003cli\u003eall versions before 21.2R3-S9,\u003c/li\u003e\u003cli\u003e21.4 versions before 21.4R3-S10,\u0026nbsp;\u003c/li\u003e\u003cli\u003e22.2 versions before 22.2R3-S6,\u003c/li\u003e\u003cli\u003e22.4 versions before 22.4R3-S6,\u003c/li\u003e\u003cli\u003e23.2 versions before 23.2R2-S3,\u003c/li\u003e\u003cli\u003e23.4 versions before 23.4R2-S4,\u003c/li\u003e\u003cli\u003e24.2 versions before 24.2R1-S2, 24.2R2;\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eJunos OS Evolved:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eall versions before 22.4R3-S7-EVO,\u003c/li\u003e\u003cli\u003e23.2\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e-EVO \u003c/span\u003e\n\n versions before 23.2R2-S3-EVO,\u003c/li\u003e\u003cli\u003e23.4-EVO versions before 23.4R2-S4-EVO,\u003c/li\u003e\u003cli\u003e24.2-EVO versions before 24.2R2-EVO.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device.\n\nWhen static route points to a\u00a0reject\u00a0next hop and a gNMI query is processed for that static route,\u00a0rpd crashes and restarts.\n\nThis issue affects:\n\nJunos OS:\u00a0 * all versions before 21.2R3-S9,\n * 21.4 versions before 21.4R3-S10,\u00a0\n * 22.2 versions before 22.2R3-S6,\n * 22.4 versions before 22.4R3-S6,\n * 23.2 versions before 23.2R2-S3,\n * 23.4 versions before 23.4R2-S4,\n * 24.2 versions before 24.2R1-S2, 24.2R2;\n\n\nJunos OS Evolved:\n\n\n\n * all versions before 22.4R3-S7-EVO,\n * 23.2-EVO \n\n versions before 23.2R2-S3-EVO,\n * 23.4-EVO versions before 23.4R2-S4-EVO,\n * 24.2-EVO versions before 24.2R2-EVO."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-11T15:09:37.765Z",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://supportportal.juniper.net/JSA100090"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The following software releases have been updated to resolve this specific issue:\u003cbr\u003eJunos OS Evolved: 22.4R3-S7-EVO, 23.2R2-S3-EVO, 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO, \n\nand all subsequent releases;\u003cbr\u003eJunos OS: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R1-S2, 24.2R2, 24.4R1, and all subsequent releases."
}
],
"value": "The following software releases have been updated to resolve this specific issue:\nJunos OS Evolved: 22.4R3-S7-EVO, 23.2R2-S3-EVO, 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO, \n\nand all subsequent releases;\nJunos OS: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R1-S2, 24.2R2, 24.4R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA100090",
"defect": [
"1809740"
],
"discovery": "INTERNAL"
},
"title": "Junos OS and Junos OS Evolved: When a static route points to a reject next-hop and a gNMI query for this route is processed, RPD crashes",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue.\u003cbr\u003eTo reduce the risk of exploitation use access lists or firewall filters to limit access to the device only from trusted, administrative networks or hosts, and configure authentication for grpc."
}
],
"value": "There are no known workarounds for this issue.\nTo reduce the risk of exploitation use access lists or firewall filters to limit access to the device only from trusted, administrative networks or hosts, and configure authentication for grpc."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2025-52984",
"datePublished": "2025-07-11T15:09:37.765Z",
"dateReserved": "2025-06-23T18:23:44.546Z",
"dateUpdated": "2025-07-15T19:55:22.722Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-52984",
"date": "2026-05-19",
"epss": "0.00304",
"percentile": "0.53769"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-52984\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2025-07-11T16:15:25.697\",\"lastModified\":\"2026-01-23T17:05:16.023\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device.\\n\\nWhen static route points to a\u00a0reject\u00a0next hop and a gNMI query is processed for that static route,\u00a0rpd crashes and restarts.\\n\\nThis issue affects:\\n\\nJunos OS:\u00a0 * all versions before 21.2R3-S9,\\n * 21.4 versions before 21.4R3-S10,\u00a0\\n * 22.2 versions before 22.2R3-S6,\\n * 22.4 versions before 22.4R3-S6,\\n * 23.2 versions before 23.2R2-S3,\\n * 23.4 versions before 23.4R2-S4,\\n * 24.2 versions before 24.2R1-S2, 24.2R2;\\n\\n\\nJunos OS Evolved:\\n\\n\\n\\n * all versions before 22.4R3-S7-EVO,\\n * 23.2-EVO \\n\\n versions before 23.2R2-S3-EVO,\\n * 23.4-EVO versions before 23.4R2-S4-EVO,\\n * 24.2-EVO versions before 24.2R2-EVO.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de desreferencia de puntero nulo en el daemon de protocolo de enrutamiento (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante no autenticado basado en la red afecte la disponibilidad del dispositivo. Cuando una ruta est\u00e1tica apunta a un siguiente salto rechazado y se procesa una consulta gNMI para dicha ruta est\u00e1tica, rpd se bloquea y se reinicia. Este problema afecta a: Junos OS: * todas las versiones anteriores a 21.2R3-S9, * versiones 21.4 anteriores a 21.4R3-S10, * versiones 22.2 anteriores a 22.2R3-S6, * versiones 22.4 anteriores a 22.4R3-S6, * versiones 23.2 anteriores a 23.2R2-S3, * versiones 23.4 anteriores a 23.4R2-S4, * versiones 24.2 anteriores a 24.2R1-S2, 24.2R2; Junos OS Evolved: * todas las versiones anteriores a 22.4R3-S7-EVO, * versiones 23.2-EVO anteriores a 23.2R2-S3-EVO, * versiones 23.4-EVO anteriores a 23.4R2-S4-EVO, * versiones 24.2-EVO anteriores a 24.2R2-EVO.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"LOW\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"YES\",\"Recovery\":\"AUTOMATIC\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.2\",\"matchCriteriaId\":\"331C0F12-D9B9-483B-9EF0-28E48ED8346D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"216E7DDE-453D-481F-92E2-9F8466CDDA3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A52AF794-B36B-43A6-82E9-628658624B0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3998DC76-F72F-4452-9150-652140B113EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"36ED4552-2420-45F9-B6E4-6DA2B2B12870\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C28A14E7-7EA0-4757-9764-E39A27CFDFA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A43752D-A4AF-4B4E-B95B-192E42883A5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"42986538-E9D0-4C2E-B1C4-A763A4EE451B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE22CA01-EA7E-4EE5-B59F-EE100688C1DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E596ABD9-6ECD-48DC-B770-87B7E62EA345\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"71745D02-D226-44DC-91AD-678C85F5E6FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"39E44B09-7310-428C-8144-AE9DB0484D1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"53938295-8999-4316-9DED-88E24D037852\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"2307BF56-640F-49A8-B060-6ACB0F653A61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"737DDF96-7B1D-44E2-AD0F-E2F50858B2A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s7:*:*:*:*:*:*\",\"matchCriteriaId\":\"35E0BB39-18AE-4FAD-A528-FDFF6222DDE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r3-s8:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DCAA120-20A2-43D8-87D3-716225CE233F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"79ED3CE8-CC57-43AB-9A26-BBC87816062D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4310D2D9-A8A6-48F8-9384-0A0692A1E1C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9962B01C-C57C-4359-9532-676AB81CE8B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"62178549-B679-4902-BFDB-2993803B7FCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AD697DF-9738-4276-94ED-7B9380CD09F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"09FF5818-0803-4646-A386-D7C645EE58A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2229FA59-EB24-49A2-85CE-F529A8DE6BA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CB280D8-C5D8-4B51-A879-496ACCDE4538\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F3F54F1-75B3-400D-A735-2C27C8CEBE79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s10:*:*:*:*:*:*\",\"matchCriteriaId\":\"521DE11A-805C-4727-AE9F-52272D515BC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A5B196A-2AF1-4AE5-9148-A75A572807BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B457616-2D91-4913-9A7D-038BBF8F1F66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"C470FB4E-A927-4AF3-ACB0-AD1E264218B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"44E98BC3-1D43-481A-AB09-FFA502C36AAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s7:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A0DA88F-6C61-4FEA-ABF3-99F7DD43DB0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s8:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B4FC60-140D-49EF-8011-A5888D8493B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r3-s9:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CB6507D-FFEF-44B4-B27B-0FA8B4A3B3D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"06156CD6-09D3-4A05-9C5E-BC64A70640F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E949B21B-AD62-4022-9088-06313277479E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D862E6F-0D01-4B25-8340-888C30F75A2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F28F73E-8563-41B9-A313-BBAAD5B57A67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E37D4694-C80B-475E-AB5B-BB431F59C5E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EC0D2D2-4922-4675-8A2C-57A08D7BE334\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"591AA3E6-62A2-4A1A-A04C-E808F71D8B6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"786F993E-32CB-492A-A7CC-A7E4F48EA8B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC449CC7-B2D6-41CB-8D6C-81DE89E79520\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"05E47861-3311-45E2-A722-8CD7FFDC2DFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.2:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"748EAB0A-6B22-4098-8735-CC76BEAA9BB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1379EF30-AF04-4F98-8328-52A631F24737\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"28E42A41-7965-456B-B0AF-9D3229CE4D4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB1A77D6-D3AD-481B-979C-8F778530B175\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A064B6B-A99B-4D8D-A62D-B00C7870BC30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"40813417-A938-4F74-A419-8C5188A35486\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FC1BA1A-DF0E-4B15-86BA-24C60E546732\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBB967BF-3495-476D-839A-9DBFCBE69F91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E5688D6-DCA4-4550-9CD1-A3D792252129\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8494546C-00EA-49B6-B6FA-FDE42CA5B1FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BB98579-FA33-4E41-A162-A46E9709FBD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"08E2562F-FB18-4347-8497-7D61B8157EBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"494D1D96-1DA2-4B0A-9536-1B5A4FDFCA09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.4:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"60A1E37B-1990-44D9-87FE-300678243BE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A78CC80-E8B1-4CDA-BB35-A61833657FA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3B2FE1-C228-46BE-AC76-70C2687050AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1B16FF0-900F-4AEE-B670-A537139F6909\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B227E831-30FF-4BE1-B8B2-31829A5610A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1ADA814B-EF98-45B1-AF7A-0C89688F7CA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6FB32DF-D062-4FB9-8777-452978BEC7B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3B6C811-5C10-4486-849D-5559B592350A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"78481ABC-3620-410D-BC78-334657E0BB75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE8A5BA3-87BD-473A-B229-2AAB2C797005\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B74AC3E-8FC9-400A-A176-4F7F21F10756\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB2D1FCE-8019-4CE1-BA45-D62F91AF7B51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"175CCB13-76C0-44A4-A71D-41E22B92EB23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"166BFDB3-1945-4949-BC2B-E18442FF2E4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5923610F-878C-48CA-8B5D-9C609E4DD4DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:23.4:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7C207E3-0252-4192-8E8C-E2ED2831B4F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"89524D6D-0B22-4952-AD8E-8072C5A05D5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD69A194-1B03-44EA-8092-79BD10C6F729\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8463ADB4-B8A7-4D63-97A9-232ED713A21C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:24.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"266B520A-482A-43F7-90F8-B9D64D30034F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.4\",\"matchCriteriaId\":\"A9925263-E7B7-49AA-8271-AF320F355B80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A33C425-921F-4795-B834-608C8F1597E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"93887799-F62C-4A4A-BCF5-004D0B4D4154\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"62C473D2-2612-4480-82D8-8A24D0687BBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FB4C5CA-A709-4B13-A9E0-372098A72AD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"04CE952D-E3C1-4B34-9E65-EC52BFE887AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AE9D1A7-4721-4E1D-B965-FDC38126B1DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8643AA3-29EF-48A7-B033-CB60988E214B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9800BA03-E6BF-4212-B2E7-69C0FD27D294\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACCA655D-C542-44F1-B183-4C864CFF2D4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D499B19-A91A-4B76-B1CB-6A07A4CB212B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6B2830C-26EE-446E-B0C3-B5E43AD897B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C7367E6-B491-4A1F-B9D7-BC86A15A0773\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"72A89D1E-9EA4-4959-9F54-84F1F99A4ADB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"01980CDF-A5CE-480D-BCED-BD5E29E4DE5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DEAA7FD-385F-4221-907E-65ABC16BE4BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDEC008A-3137-48D1-8ABC-6DB0EFC40E50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"558D234D-BC50-415F-86D6-8E19D6C3ACE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F4EEEE-77E9-4973-A770-99E7BA2F05F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4BB6910-B994-45FD-8153-5EC00EE842E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D657944B-2066-4F2C-BC92-EDF4DE1C165C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"75A58924-6348-44CF-AB39-1FCE17FE81AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D7F0D73-85EE-4A07-B51B-6BF52ECBA75E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE777A1F-9CD9-426E-AF1C-FBE01EB9A4A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7147BA60-30A5-4CED-9AAF-F6BEA0528B89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E5CE59B-14B2-4F4C-81B5-0430EC954956\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB82B22F-9005-4EF0-A1E3-4261757783D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0224D3F1-8B86-432C-8F5B-B4B7B69ADF31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB2FE5FE-0ADE-406E-A23D-FDCC104B2496\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E58987A-D7B7-4FFF-9969-E8FD76AE2BE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DD89AAD-C615-42AF-B8AF-E6067862F0F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"28AFF11D-E418-4A76-B557-F60622602537\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:24.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A86A69D-2B90-4B3B-A6EC-88358284787D\"}]}]}],\"references\":[{\"url\":\"https://supportportal.juniper.net/JSA100090\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-52984\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-11T16:04:49.396427Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-11T16:04:50.512Z\"}}], \"cna\": {\"title\": \"Junos OS and Junos OS Evolved: When a static route points to a reject next-hop and a gNMI query for this route is processed, RPD crashes\", \"source\": {\"defect\": [\"1809740\"], \"advisory\": \"JSA100090\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"AUTOMATIC\", \"baseScore\": 8.2, \"Automatable\": \"YES\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"LOW\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Juniper Networks\", \"product\": \"Junos OS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"21.2R3-S9\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"21.4\", \"lessThan\": \"21.4R3-S10\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.2\", \"lessThan\": \"22.2R3-S6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.4\", \"lessThan\": \"22.4R3-S6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.2\", \"lessThan\": \"23.2R2-S3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.4\", \"lessThan\": \"23.4R2-S4\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"24.2\", \"lessThan\": \"24.2R1-S2, 24.2R2\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Juniper Networks\", \"product\": \"Junos OS Evolved\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"22.4R3-S7-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.2-EVO\", \"lessThan\": \"23.2R2-S3-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.4-EVO\", \"lessThan\": \"23.4R2-S4-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"24.2-EVO\", \"lessThan\": \"24.2R2-EVO\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"base64\": false}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"The following software releases have been updated to resolve this specific issue:\\nJunos OS Evolved: 22.4R3-S7-EVO, 23.2R2-S3-EVO, 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO, \\n\\nand all subsequent releases;\\nJunos OS: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R1-S2, 24.2R2, 24.4R1, and all subsequent releases.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The following software releases have been updated to resolve this specific issue:\u003cbr\u003eJunos OS Evolved: 22.4R3-S7-EVO, 23.2R2-S3-EVO, 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO, \\n\\nand all subsequent releases;\u003cbr\u003eJunos OS: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R1-S2, 24.2R2, 24.4R1, and all subsequent releases.\", \"base64\": false}]}], \"datePublic\": \"2025-07-09T16:00:00.000Z\", \"references\": [{\"url\": \"https://supportportal.juniper.net/JSA100090\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"There are no known workarounds for this issue.\\nTo reduce the risk of exploitation use access lists or firewall filters to limit access to the device only from trusted, administrative networks or hosts, and configure authentication for grpc.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"There are no known workarounds for this issue.\u003cbr\u003eTo reduce the risk of exploitation use access lists or firewall filters to limit access to the device only from trusted, administrative networks or hosts, and configure authentication for grpc.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device.\\n\\nWhen static route points to a\\u00a0reject\\u00a0next hop and a gNMI query is processed for that static route,\\u00a0rpd crashes and restarts.\\n\\nThis issue affects:\\n\\nJunos OS:\\u00a0 * all versions before 21.2R3-S9,\\n * 21.4 versions before 21.4R3-S10,\\u00a0\\n * 22.2 versions before 22.2R3-S6,\\n * 22.4 versions before 22.4R3-S6,\\n * 23.2 versions before 23.2R2-S3,\\n * 23.4 versions before 23.4R2-S4,\\n * 24.2 versions before 24.2R1-S2, 24.2R2;\\n\\n\\nJunos OS Evolved:\\n\\n\\n\\n * all versions before 22.4R3-S7-EVO,\\n * 23.2-EVO \\n\\n versions before 23.2R2-S3-EVO,\\n * 23.4-EVO versions before 23.4R2-S4-EVO,\\n * 24.2-EVO versions before 24.2R2-EVO.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device.\u003cbr\u003e\u003cbr\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eWhen static route points to a\u0026nbsp;\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003ereject\u003c/span\u003e\u0026nbsp;next hop and a gNMI query is processed for that static route,\u0026nbsp;\u003c/span\u003erpd crashes and restarts.\u003cbr\u003e\u003cbr\u003eThis issue affects:\u003cbr\u003e\u003cbr\u003eJunos OS:\u0026nbsp;\u003cul\u003e\u003cli\u003eall versions before 21.2R3-S9,\u003c/li\u003e\u003cli\u003e21.4 versions before 21.4R3-S10,\u0026nbsp;\u003c/li\u003e\u003cli\u003e22.2 versions before 22.2R3-S6,\u003c/li\u003e\u003cli\u003e22.4 versions before 22.4R3-S6,\u003c/li\u003e\u003cli\u003e23.2 versions before 23.2R2-S3,\u003c/li\u003e\u003cli\u003e23.4 versions before 23.4R2-S4,\u003c/li\u003e\u003cli\u003e24.2 versions before 24.2R1-S2, 24.2R2;\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eJunos OS Evolved:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eall versions before 22.4R3-S7-EVO,\u003c/li\u003e\u003cli\u003e23.2\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e-EVO \u003c/span\u003e\\n\\n versions before 23.2R2-S3-EVO,\u003c/li\u003e\u003cli\u003e23.4-EVO versions before 23.4R2-S4-EVO,\u003c/li\u003e\u003cli\u003e24.2-EVO versions before 24.2R2-EVO.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476 NULL Pointer Dereference\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"To be exposed to this issue the system needs to be configured for GRPC:\\n\\n[ system services extension-service request-response grpc ]\\n\\nand a static route needs to point to a reject next-hop as shown in the following example:\\n\\n[ routing-options static route 192.0.2.0/24 next-hop 198.51.100.1 resolve ]\\n\\n[ routing-options static route 198.51.100.1/32 reject]\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"To be exposed to this issue the system needs to be configured for GRPC:\u003cbr\u003e\u003ctt\u003e\u003cbr\u003e[ system services extension-service request-response grpc ]\u003cbr\u003e\u003c/tt\u003e\u003cbr\u003eand a static route needs to point to a reject next-hop as shown in the following example:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003e\u003ctt\u003e[ routing-options static route 192.0.2.0/24 next-hop 198.51.100.1 resolve ]\\n\u003cbr\u003e\u003ctt\u003e[ routing-options static route 198.51.100.1/32 reject]\u003c/tt\u003e\u003c/tt\u003e\u003c/tt\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"shortName\": \"juniper\", \"dateUpdated\": \"2025-07-11T15:09:37.765Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-52984\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-15T19:55:22.722Z\", \"dateReserved\": \"2025-06-23T18:23:44.546Z\", \"assignerOrgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"datePublished\": \"2025-07-11T15:09:37.765Z\", \"assignerShortName\": \"juniper\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2025-AVI-0583
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Apstra | Apstra versions antérieures à 6.0.0 | ||
| Juniper Networks | Security Director | Security Director versions antérieures à 24.4.1-1703 | ||
| Juniper Networks | CTPView | CTPview versions antérieures à 9.3R2 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 21.4R3-S7-EVO, 22.2R3-S6-EVO, 22.2R3-S7-EVO, 22.3R3-S3-EVO, 22.4R3-S5-EVO, 22.4R3-S6-EVO, 22.4R3-S7-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.2R2-S3-EVO, 23.2R2-S4-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 23.4R2-S4-EVO, 23.4R2-S5-EVO, 24.2R1-EVO, 24.2R2-EVO, 24.2R2-S1-EVO, 24.4R1-EVO, 24.4R1-S2-EVO, 24.4R1-S3-EVO, 24.4R2-EVO, 25.1R1-EVO et 25.2R1-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 21.2R3-S9, 21.4R3-S10, 21.4R3-S11, 21.4R3-S7, 21.4R3-S8, 21.4R3-S9, 22.2R3-S1, 22.2R3-S4, 22.2R3-S5, 22.2R3-S6, 22.2R3-S7, 22.3R3-S3, 22.4R2, 22.4R3-S2, 22.4R3-S5, 22.4R3-S6, 22.4R3-S7, 23.2R1, 23.2R2, 23.2R2-S1, 23.2R2-S3, 23.2R2-S4, 23.4R1-S2, 23.4R2, 23.4R2-S3, 23.4R2-S4, 23.4R2-S5, 24.2R1, 24.2R1-S1, 24.2R1-S2, 24.2R2, 24.2R2-S1, 24.4R1, 24.4R1-S2, 24.4R1-S3, 24.4R2 et 25.2R1 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Apstra versions ant\u00e9rieures \u00e0 6.0.0",
"product": {
"name": "Apstra",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Security Director versions ant\u00e9rieures \u00e0 24.4.1-1703",
"product": {
"name": "Security Director",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "CTPview versions ant\u00e9rieures \u00e0 9.3R2",
"product": {
"name": "CTPView",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 21.4R3-S7-EVO, 22.2R3-S6-EVO, 22.2R3-S7-EVO, 22.3R3-S3-EVO, 22.4R3-S5-EVO, 22.4R3-S6-EVO, 22.4R3-S7-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.2R2-S3-EVO, 23.2R2-S4-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 23.4R2-S4-EVO, 23.4R2-S5-EVO, 24.2R1-EVO, 24.2R2-EVO, 24.2R2-S1-EVO, 24.4R1-EVO, 24.4R1-S2-EVO, 24.4R1-S3-EVO, 24.4R2-EVO, 25.1R1-EVO et 25.2R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 21.2R3-S9, 21.4R3-S10, 21.4R3-S11, 21.4R3-S7, 21.4R3-S8, 21.4R3-S9, 22.2R3-S1, 22.2R3-S4, 22.2R3-S5, 22.2R3-S6, 22.2R3-S7, 22.3R3-S3, 22.4R2, 22.4R3-S2, 22.4R3-S5, 22.4R3-S6, 22.4R3-S7, 23.2R1, 23.2R2, 23.2R2-S1, 23.2R2-S3, 23.2R2-S4, 23.4R1-S2, 23.4R2, 23.4R2-S3, 23.4R2-S4, 23.4R2-S5, 24.2R1, 24.2R1-S1, 24.2R1-S2, 24.2R2, 24.2R2-S1, 24.4R1, 24.4R1-S2, 24.4R1-S3, 24.4R2 et 25.2R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-52984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52984"
},
{
"name": "CVE-2020-10136",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10136"
},
{
"name": "CVE-2024-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23918"
},
{
"name": "CVE-2024-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21820"
},
{
"name": "CVE-2025-52950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52950"
},
{
"name": "CVE-2025-52983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52983"
},
{
"name": "CVE-2025-52952",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52952"
},
{
"name": "CVE-2025-52963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52963"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2025-26466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26466"
},
{
"name": "CVE-2024-23984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23984"
},
{
"name": "CVE-2025-52986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52986"
},
{
"name": "CVE-2025-52988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52988"
},
{
"name": "CVE-2025-52949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52949"
},
{
"name": "CVE-2025-6549",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6549"
},
{
"name": "CVE-2025-52954",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52954"
},
{
"name": "CVE-2024-7595",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7595"
},
{
"name": "CVE-2025-52947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52947"
},
{
"name": "CVE-2025-52958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52958"
},
{
"name": "CVE-2025-52964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52964"
},
{
"name": "CVE-2025-52946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52946"
},
{
"name": "CVE-2024-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21853"
},
{
"name": "CVE-2025-52951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52951"
},
{
"name": "CVE-2025-23019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23019"
},
{
"name": "CVE-2025-52955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52955"
},
{
"name": "CVE-2025-23018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23018"
},
{
"name": "CVE-2025-52948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52948"
},
{
"name": "CVE-2025-52981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52981"
},
{
"name": "CVE-2024-24968",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24968"
},
{
"name": "CVE-2025-52953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52953"
},
{
"name": "CVE-2025-52985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52985"
},
{
"name": "CVE-2025-52989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52989"
},
{
"name": "CVE-2025-52980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52980"
},
{
"name": "CVE-2025-52982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52982"
},
{
"name": "CVE-2025-30661",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30661"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0583",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52988",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Privilege-escalation-via-CLI-command-request-system-logout-CVE-2025-52988"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52963",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-A-low-privileged-user-can-disable-an-interface-CVE-2025-52963"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52958",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-route-validation-is-enabled-BGP-connection-establishment-failure-causes-RPD-crash-CVE-2025-52958"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52985",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Evolved-When-a-control-plane-firewall-filter-refers-to-a-prefix-list-with-more-then-10-entries-it-s-not-matching-CVE-2025-52985"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52986",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-RIB-sharding-is-configured-each-time-a-show-command-is-executed-RPD-memory-leaks-CVE-2025-52986"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2024-3596",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Vulnerability-in-the-RADIUS-protocol-for-Subscriber-Management-Blast-RADIUS-CVE-2024-3596"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52989",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Annotate-configuration-command-can-be-used-for-privilege-escalation-CVE-2025-52989"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52981",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-SRX-Series-Sequence-of-specific-PIM-packets-causes-a-flowd-crash-CVE-2025-52981"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52983",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-After-removing-ssh-public-key-authentication-root-can-still-log-in-CVE-2025-52983"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52946",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-traceoptions-enabled-receipt-of-malformed-AS-PATH-causes-RPD-crash-CVE-2025-52946"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52954",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Evolved-A-low-privileged-user-can-execute-CLI-commands-and-modify-the-configuration-compromise-the-system-CVE-2025-52954"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52953",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-unauthenticated-adjacent-attacker-sending-a-valid-BGP-UPDATE-packet-forces-a-BGP-session-reset-CVE-2025-52953"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52947",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-ACX-Series-When-hot-standby-mode-is-configured-for-an-L2-circuit-interface-flap-causes-the-FEB-to-crash"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52949",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-EVPN-environment-receipt-of-a-specifically-malformed-BGP-update-causes-RPD-crash-CVE-2025-52949"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks 2025-07-Security-Bulletin-Juniper-Apstra-Multiple-Vulnerabilities-resolved-in-Intel-microcode-package",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Juniper-Apstra-Multiple-Vulnerabilities-resolved-in-Intel-microcode-package"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-26466",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-CTPView-OpenSSH-vulnerability-CVE-2025-26466-resolved-in-9-3R2-release"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52955",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-When-jflow-sflow-is-enabled-receipt-of-specific-route-updates-causes-rpd-crash-CVE-2025-52955"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52952",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-MX-Series-with-MPC-BUILTIN-MPC-1-through-MPC-9-Receipt-and-processing-of-a-malformed-packet-causes-one-or-more-FPCs-to-crash-CVE-2025-52952"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-30661",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Low-privileged-user-can-cause-script-to-run-as-root-leading-to-privilege-escalation-CVE-2025-30661"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52951",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-IPv6-firewall-filter-fails-to-match-payload-protocol-CVE-2025-52951"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52984",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-a-static-route-points-to-an-unreachable-next-hop-and-a-gNMI-query-for-this-route-is-processed-RPD-crashes-CVE-2025-52984"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52948",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Specific-unknown-traffic-pattern-causes-FPC-and-system-to-crash-when-packet-capturing-is-enabled-CVE-2025-52948"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52964",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-BGP-UPDATE-causes-an-rpd-crash-on-devices-with-BGP-multipath-configured-CVE-2025-52964"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52982",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-MX-Series-When-specific-SIP-packets-are-processed-the-MS-MPC-will-crash-CVE-2025-52982"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52950",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Juniper-Security-Director-Insufficient-authorization-for-multiple-endpoints-in-web-interface-CVE-2025-52950"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52980",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-SRX300-Series-Upon-receiving-a-specific-valid-BGP-UPDATE-message-rpd-will-crash-CVE-2025-52980"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-6549",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-SRX-Series-J-Web-can-be-exposed-on-additional-interfaces-CVE-2025-6549"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks 2025-07-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-for-Insecure-Implementation-of-Tunneling-Protocols-GRE-IPIP-4in6-6in4-VU-199397",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-for-Insecure-Implementation-of-Tunneling-Protocols-GRE-IPIP-4in6-6in4-VU-199397"
}
]
}
CERTFR-2025-AVI-0583
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Apstra | Apstra versions antérieures à 6.0.0 | ||
| Juniper Networks | Security Director | Security Director versions antérieures à 24.4.1-1703 | ||
| Juniper Networks | CTPView | CTPview versions antérieures à 9.3R2 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 21.4R3-S7-EVO, 22.2R3-S6-EVO, 22.2R3-S7-EVO, 22.3R3-S3-EVO, 22.4R3-S5-EVO, 22.4R3-S6-EVO, 22.4R3-S7-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.2R2-S3-EVO, 23.2R2-S4-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 23.4R2-S4-EVO, 23.4R2-S5-EVO, 24.2R1-EVO, 24.2R2-EVO, 24.2R2-S1-EVO, 24.4R1-EVO, 24.4R1-S2-EVO, 24.4R1-S3-EVO, 24.4R2-EVO, 25.1R1-EVO et 25.2R1-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 21.2R3-S9, 21.4R3-S10, 21.4R3-S11, 21.4R3-S7, 21.4R3-S8, 21.4R3-S9, 22.2R3-S1, 22.2R3-S4, 22.2R3-S5, 22.2R3-S6, 22.2R3-S7, 22.3R3-S3, 22.4R2, 22.4R3-S2, 22.4R3-S5, 22.4R3-S6, 22.4R3-S7, 23.2R1, 23.2R2, 23.2R2-S1, 23.2R2-S3, 23.2R2-S4, 23.4R1-S2, 23.4R2, 23.4R2-S3, 23.4R2-S4, 23.4R2-S5, 24.2R1, 24.2R1-S1, 24.2R1-S2, 24.2R2, 24.2R2-S1, 24.4R1, 24.4R1-S2, 24.4R1-S3, 24.4R2 et 25.2R1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Apstra versions ant\u00e9rieures \u00e0 6.0.0",
"product": {
"name": "Apstra",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Security Director versions ant\u00e9rieures \u00e0 24.4.1-1703",
"product": {
"name": "Security Director",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "CTPview versions ant\u00e9rieures \u00e0 9.3R2",
"product": {
"name": "CTPView",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 21.4R3-S7-EVO, 22.2R3-S6-EVO, 22.2R3-S7-EVO, 22.3R3-S3-EVO, 22.4R3-S5-EVO, 22.4R3-S6-EVO, 22.4R3-S7-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.2R2-S3-EVO, 23.2R2-S4-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 23.4R2-S4-EVO, 23.4R2-S5-EVO, 24.2R1-EVO, 24.2R2-EVO, 24.2R2-S1-EVO, 24.4R1-EVO, 24.4R1-S2-EVO, 24.4R1-S3-EVO, 24.4R2-EVO, 25.1R1-EVO et 25.2R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 21.2R3-S9, 21.4R3-S10, 21.4R3-S11, 21.4R3-S7, 21.4R3-S8, 21.4R3-S9, 22.2R3-S1, 22.2R3-S4, 22.2R3-S5, 22.2R3-S6, 22.2R3-S7, 22.3R3-S3, 22.4R2, 22.4R3-S2, 22.4R3-S5, 22.4R3-S6, 22.4R3-S7, 23.2R1, 23.2R2, 23.2R2-S1, 23.2R2-S3, 23.2R2-S4, 23.4R1-S2, 23.4R2, 23.4R2-S3, 23.4R2-S4, 23.4R2-S5, 24.2R1, 24.2R1-S1, 24.2R1-S2, 24.2R2, 24.2R2-S1, 24.4R1, 24.4R1-S2, 24.4R1-S3, 24.4R2 et 25.2R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-52984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52984"
},
{
"name": "CVE-2020-10136",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10136"
},
{
"name": "CVE-2024-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23918"
},
{
"name": "CVE-2024-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21820"
},
{
"name": "CVE-2025-52950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52950"
},
{
"name": "CVE-2025-52983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52983"
},
{
"name": "CVE-2025-52952",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52952"
},
{
"name": "CVE-2025-52963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52963"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2025-26466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26466"
},
{
"name": "CVE-2024-23984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23984"
},
{
"name": "CVE-2025-52986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52986"
},
{
"name": "CVE-2025-52988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52988"
},
{
"name": "CVE-2025-52949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52949"
},
{
"name": "CVE-2025-6549",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6549"
},
{
"name": "CVE-2025-52954",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52954"
},
{
"name": "CVE-2024-7595",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7595"
},
{
"name": "CVE-2025-52947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52947"
},
{
"name": "CVE-2025-52958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52958"
},
{
"name": "CVE-2025-52964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52964"
},
{
"name": "CVE-2025-52946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52946"
},
{
"name": "CVE-2024-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21853"
},
{
"name": "CVE-2025-52951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52951"
},
{
"name": "CVE-2025-23019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23019"
},
{
"name": "CVE-2025-52955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52955"
},
{
"name": "CVE-2025-23018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23018"
},
{
"name": "CVE-2025-52948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52948"
},
{
"name": "CVE-2025-52981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52981"
},
{
"name": "CVE-2024-24968",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24968"
},
{
"name": "CVE-2025-52953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52953"
},
{
"name": "CVE-2025-52985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52985"
},
{
"name": "CVE-2025-52989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52989"
},
{
"name": "CVE-2025-52980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52980"
},
{
"name": "CVE-2025-52982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52982"
},
{
"name": "CVE-2025-30661",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30661"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0583",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52988",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Privilege-escalation-via-CLI-command-request-system-logout-CVE-2025-52988"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52963",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-A-low-privileged-user-can-disable-an-interface-CVE-2025-52963"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52958",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-route-validation-is-enabled-BGP-connection-establishment-failure-causes-RPD-crash-CVE-2025-52958"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52985",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Evolved-When-a-control-plane-firewall-filter-refers-to-a-prefix-list-with-more-then-10-entries-it-s-not-matching-CVE-2025-52985"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52986",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-RIB-sharding-is-configured-each-time-a-show-command-is-executed-RPD-memory-leaks-CVE-2025-52986"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2024-3596",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Vulnerability-in-the-RADIUS-protocol-for-Subscriber-Management-Blast-RADIUS-CVE-2024-3596"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52989",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Annotate-configuration-command-can-be-used-for-privilege-escalation-CVE-2025-52989"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52981",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-SRX-Series-Sequence-of-specific-PIM-packets-causes-a-flowd-crash-CVE-2025-52981"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52983",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-After-removing-ssh-public-key-authentication-root-can-still-log-in-CVE-2025-52983"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52946",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-traceoptions-enabled-receipt-of-malformed-AS-PATH-causes-RPD-crash-CVE-2025-52946"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52954",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Evolved-A-low-privileged-user-can-execute-CLI-commands-and-modify-the-configuration-compromise-the-system-CVE-2025-52954"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52953",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-unauthenticated-adjacent-attacker-sending-a-valid-BGP-UPDATE-packet-forces-a-BGP-session-reset-CVE-2025-52953"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52947",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-ACX-Series-When-hot-standby-mode-is-configured-for-an-L2-circuit-interface-flap-causes-the-FEB-to-crash"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52949",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-EVPN-environment-receipt-of-a-specifically-malformed-BGP-update-causes-RPD-crash-CVE-2025-52949"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks 2025-07-Security-Bulletin-Juniper-Apstra-Multiple-Vulnerabilities-resolved-in-Intel-microcode-package",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Juniper-Apstra-Multiple-Vulnerabilities-resolved-in-Intel-microcode-package"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-26466",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-CTPView-OpenSSH-vulnerability-CVE-2025-26466-resolved-in-9-3R2-release"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52955",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-When-jflow-sflow-is-enabled-receipt-of-specific-route-updates-causes-rpd-crash-CVE-2025-52955"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52952",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-MX-Series-with-MPC-BUILTIN-MPC-1-through-MPC-9-Receipt-and-processing-of-a-malformed-packet-causes-one-or-more-FPCs-to-crash-CVE-2025-52952"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-30661",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Low-privileged-user-can-cause-script-to-run-as-root-leading-to-privilege-escalation-CVE-2025-30661"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52951",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-IPv6-firewall-filter-fails-to-match-payload-protocol-CVE-2025-52951"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52984",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-a-static-route-points-to-an-unreachable-next-hop-and-a-gNMI-query-for-this-route-is-processed-RPD-crashes-CVE-2025-52984"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52948",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Specific-unknown-traffic-pattern-causes-FPC-and-system-to-crash-when-packet-capturing-is-enabled-CVE-2025-52948"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52964",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-BGP-UPDATE-causes-an-rpd-crash-on-devices-with-BGP-multipath-configured-CVE-2025-52964"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52982",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-MX-Series-When-specific-SIP-packets-are-processed-the-MS-MPC-will-crash-CVE-2025-52982"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52950",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Juniper-Security-Director-Insufficient-authorization-for-multiple-endpoints-in-web-interface-CVE-2025-52950"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52980",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-SRX300-Series-Upon-receiving-a-specific-valid-BGP-UPDATE-message-rpd-will-crash-CVE-2025-52980"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-6549",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-SRX-Series-J-Web-can-be-exposed-on-additional-interfaces-CVE-2025-6549"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks 2025-07-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-for-Insecure-Implementation-of-Tunneling-Protocols-GRE-IPIP-4in6-6in4-VU-199397",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-for-Insecure-Implementation-of-Tunneling-Protocols-GRE-IPIP-4in6-6in4-VU-199397"
}
]
}
FKIE_CVE-2025-52984
Vulnerability from fkie_nvd - Published: 2025-07-11 16:15 - Updated: 2026-01-23 17:05
Severity ?
Summary
A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device.
When static route points to a reject next hop and a gNMI query is processed for that static route, rpd crashes and restarts.
This issue affects:
Junos OS: * all versions before 21.2R3-S9,
* 21.4 versions before 21.4R3-S10,
* 22.2 versions before 22.2R3-S6,
* 22.4 versions before 22.4R3-S6,
* 23.2 versions before 23.2R2-S3,
* 23.4 versions before 23.4R2-S4,
* 24.2 versions before 24.2R1-S2, 24.2R2;
Junos OS Evolved:
* all versions before 22.4R3-S7-EVO,
* 23.2-EVO
versions before 23.2R2-S3-EVO,
* 23.4-EVO versions before 23.4R2-S4-EVO,
* 24.2-EVO versions before 24.2R2-EVO.
References
| URL | Tags | ||
|---|---|---|---|
| sirt@juniper.net | https://supportportal.juniper.net/JSA100090 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | junos | * | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.2 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 21.4 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.2 | |
| juniper | junos | 22.4 | |
| juniper | junos | 22.4 | |
| juniper | junos | 22.4 | |
| juniper | junos | 22.4 | |
| juniper | junos | 22.4 | |
| juniper | junos | 22.4 | |
| juniper | junos | 22.4 | |
| juniper | junos | 22.4 | |
| juniper | junos | 22.4 | |
| juniper | junos | 22.4 | |
| juniper | junos | 22.4 | |
| juniper | junos | 22.4 | |
| juniper | junos | 22.4 | |
| juniper | junos | 23.2 | |
| juniper | junos | 23.2 | |
| juniper | junos | 23.2 | |
| juniper | junos | 23.2 | |
| juniper | junos | 23.2 | |
| juniper | junos | 23.2 | |
| juniper | junos | 23.2 | |
| juniper | junos | 23.4 | |
| juniper | junos | 23.4 | |
| juniper | junos | 23.4 | |
| juniper | junos | 23.4 | |
| juniper | junos | 23.4 | |
| juniper | junos | 23.4 | |
| juniper | junos | 23.4 | |
| juniper | junos | 23.4 | |
| juniper | junos | 24.2 | |
| juniper | junos | 24.2 | |
| juniper | junos | 24.2 | |
| juniper | junos | 24.2 | |
| juniper | junos_os_evolved | * | |
| juniper | junos_os_evolved | 22.4 | |
| juniper | junos_os_evolved | 22.4 | |
| juniper | junos_os_evolved | 22.4 | |
| juniper | junos_os_evolved | 22.4 | |
| juniper | junos_os_evolved | 22.4 | |
| juniper | junos_os_evolved | 22.4 | |
| juniper | junos_os_evolved | 22.4 | |
| juniper | junos_os_evolved | 22.4 | |
| juniper | junos_os_evolved | 22.4 | |
| juniper | junos_os_evolved | 22.4 | |
| juniper | junos_os_evolved | 22.4 | |
| juniper | junos_os_evolved | 22.4 | |
| juniper | junos_os_evolved | 22.4 | |
| juniper | junos_os_evolved | 22.4 | |
| juniper | junos_os_evolved | 23.2 | |
| juniper | junos_os_evolved | 23.2 | |
| juniper | junos_os_evolved | 23.2 | |
| juniper | junos_os_evolved | 23.2 | |
| juniper | junos_os_evolved | 23.2 | |
| juniper | junos_os_evolved | 23.2 | |
| juniper | junos_os_evolved | 23.2 | |
| juniper | junos_os_evolved | 23.4 | |
| juniper | junos_os_evolved | 23.4 | |
| juniper | junos_os_evolved | 23.4 | |
| juniper | junos_os_evolved | 23.4 | |
| juniper | junos_os_evolved | 23.4 | |
| juniper | junos_os_evolved | 23.4 | |
| juniper | junos_os_evolved | 23.4 | |
| juniper | junos_os_evolved | 23.4 | |
| juniper | junos_os_evolved | 24.2 | |
| juniper | junos_os_evolved | 24.2 | |
| juniper | junos_os_evolved | 24.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "331C0F12-D9B9-483B-9EF0-28E48ED8346D",
"versionEndExcluding": "21.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "737DDF96-7B1D-44E2-AD0F-E2F50858B2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "35E0BB39-18AE-4FAD-A528-FDFF6222DDE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s8:*:*:*:*:*:*",
"matchCriteriaId": "5DCAA120-20A2-43D8-87D3-716225CE233F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s10:*:*:*:*:*:*",
"matchCriteriaId": "521DE11A-805C-4727-AE9F-52272D515BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "C470FB4E-A927-4AF3-ACB0-AD1E264218B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "44E98BC3-1D43-481A-AB09-FFA502C36AAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s7:*:*:*:*:*:*",
"matchCriteriaId": "1A0DA88F-6C61-4FEA-ABF3-99F7DD43DB0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s8:*:*:*:*:*:*",
"matchCriteriaId": "25B4FC60-140D-49EF-8011-A5888D8493B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s9:*:*:*:*:*:*",
"matchCriteriaId": "4CB6507D-FFEF-44B4-B27B-0FA8B4A3B3D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "BC449CC7-B2D6-41CB-8D6C-81DE89E79520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "05E47861-3311-45E2-A722-8CD7FFDC2DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "748EAB0A-6B22-4098-8735-CC76BEAA9BB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "EBB967BF-3495-476D-839A-9DBFCBE69F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "7E5688D6-DCA4-4550-9CD1-A3D792252129",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8494546C-00EA-49B6-B6FA-FDE42CA5B1FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "8BB98579-FA33-4E41-A162-A46E9709FBD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "08E2562F-FB18-4347-8497-7D61B8157EBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "494D1D96-1DA2-4B0A-9536-1B5A4FDFCA09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "60A1E37B-1990-44D9-87FE-300678243BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*",
"matchCriteriaId": "1A78CC80-E8B1-4CDA-BB35-A61833657FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F1B16FF0-900F-4AEE-B670-A537139F6909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "B227E831-30FF-4BE1-B8B2-31829A5610A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "1ADA814B-EF98-45B1-AF7A-0C89688F7CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "A6FB32DF-D062-4FB9-8777-452978BEC7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "B3B6C811-5C10-4486-849D-5559B592350A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*",
"matchCriteriaId": "78481ABC-3620-410D-BC78-334657E0BB75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "BE8A5BA3-87BD-473A-B229-2AAB2C797005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8B74AC3E-8FC9-400A-A176-4F7F21F10756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "CB2D1FCE-8019-4CE1-BA45-D62F91AF7B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "175CCB13-76C0-44A4-A71D-41E22B92EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "166BFDB3-1945-4949-BC2B-E18442FF2E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "5923610F-878C-48CA-8B5D-9C609E4DD4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "A7C207E3-0252-4192-8E8C-E2ED2831B4F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*",
"matchCriteriaId": "89524D6D-0B22-4952-AD8E-8072C5A05D5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "AD69A194-1B03-44EA-8092-79BD10C6F729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8463ADB4-B8A7-4D63-97A9-232ED713A21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:24.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "266B520A-482A-43F7-90F8-B9D64D30034F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9925263-E7B7-49AA-8271-AF320F355B80",
"versionEndExcluding": "22.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "04CE952D-E3C1-4B34-9E65-EC52BFE887AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "8AE9D1A7-4721-4E1D-B965-FDC38126B1DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "A8643AA3-29EF-48A7-B033-CB60988E214B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "9800BA03-E6BF-4212-B2E7-69C0FD27D294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "ACCA655D-C542-44F1-B183-4C864CFF2D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "6D499B19-A91A-4B76-B1CB-6A07A4CB212B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "B6B2830C-26EE-446E-B0C3-B5E43AD897B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "1C7367E6-B491-4A1F-B9D7-BC86A15A0773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "72A89D1E-9EA4-4959-9F54-84F1F99A4ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "01980CDF-A5CE-480D-BCED-BD5E29E4DE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*",
"matchCriteriaId": "6DEAA7FD-385F-4221-907E-65ABC16BE4BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "DDEC008A-3137-48D1-8ABC-6DB0EFC40E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "558D234D-BC50-415F-86D6-8E19D6C3ACE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "33F4EEEE-77E9-4973-A770-99E7BA2F05F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "A4BB6910-B994-45FD-8153-5EC00EE842E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "D657944B-2066-4F2C-BC92-EDF4DE1C165C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "75A58924-6348-44CF-AB39-1FCE17FE81AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*",
"matchCriteriaId": "9D7F0D73-85EE-4A07-B51B-6BF52ECBA75E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "FE777A1F-9CD9-426E-AF1C-FBE01EB9A4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "7147BA60-30A5-4CED-9AAF-F6BEA0528B89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "6E5CE59B-14B2-4F4C-81B5-0430EC954956",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "FB82B22F-9005-4EF0-A1E3-4261757783D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "0224D3F1-8B86-432C-8F5B-B4B7B69ADF31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "EB2FE5FE-0ADE-406E-A23D-FDCC104B2496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s3:*:*:*:*:*:*",
"matchCriteriaId": "2E58987A-D7B7-4FFF-9969-E8FD76AE2BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:-:*:*:*:*:*:*",
"matchCriteriaId": "0DD89AAD-C615-42AF-B8AF-E6067862F0F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "28AFF11D-E418-4A76-B557-F60622602537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "0A86A69D-2B90-4B3B-A6EC-88358284787D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device.\n\nWhen static route points to a\u00a0reject\u00a0next hop and a gNMI query is processed for that static route,\u00a0rpd crashes and restarts.\n\nThis issue affects:\n\nJunos OS:\u00a0 * all versions before 21.2R3-S9,\n * 21.4 versions before 21.4R3-S10,\u00a0\n * 22.2 versions before 22.2R3-S6,\n * 22.4 versions before 22.4R3-S6,\n * 23.2 versions before 23.2R2-S3,\n * 23.4 versions before 23.4R2-S4,\n * 24.2 versions before 24.2R1-S2, 24.2R2;\n\n\nJunos OS Evolved:\n\n\n\n * all versions before 22.4R3-S7-EVO,\n * 23.2-EVO \n\n versions before 23.2R2-S3-EVO,\n * 23.4-EVO versions before 23.4R2-S4-EVO,\n * 24.2-EVO versions before 24.2R2-EVO."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desreferencia de puntero nulo en el daemon de protocolo de enrutamiento (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante no autenticado basado en la red afecte la disponibilidad del dispositivo. Cuando una ruta est\u00e1tica apunta a un siguiente salto rechazado y se procesa una consulta gNMI para dicha ruta est\u00e1tica, rpd se bloquea y se reinicia. Este problema afecta a: Junos OS: * todas las versiones anteriores a 21.2R3-S9, * versiones 21.4 anteriores a 21.4R3-S10, * versiones 22.2 anteriores a 22.2R3-S6, * versiones 22.4 anteriores a 22.4R3-S6, * versiones 23.2 anteriores a 23.2R2-S3, * versiones 23.4 anteriores a 23.4R2-S4, * versiones 24.2 anteriores a 24.2R1-S2, 24.2R2; Junos OS Evolved: * todas las versiones anteriores a 22.4R3-S7-EVO, * versiones 23.2-EVO anteriores a 23.2R2-S3-EVO, * versiones 23.4-EVO anteriores a 23.4R2-S4-EVO, * versiones 24.2-EVO anteriores a 24.2R2-EVO."
}
],
"id": "CVE-2025-52984",
"lastModified": "2026-01-23T17:05:16.023",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "YES",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
},
"published": "2025-07-11T16:15:25.697",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://supportportal.juniper.net/JSA100090"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
}
GHSA-CF83-H37V-RJPM
Vulnerability from github – Published: 2025-07-11 18:30 – Updated: 2025-07-11 18:30
VLAI?
Details
A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device.
When static route points to a reject next hop and a gNMI query is processed for that static route, rpd crashes and restarts.
This issue affects:
Junos OS: * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R1-S2, 24.2R2;
Junos OS Evolved:
- all versions before 22.4R3-S7-EVO,
- 23.2-EVO
versions before 23.2R2-S3-EVO, * 23.4-EVO versions before 23.4R2-S4-EVO, * 24.2-EVO versions before 24.2R2-EVO.
Severity ?
{
"affected": [],
"aliases": [
"CVE-2025-52984"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-11T16:15:25Z",
"severity": "HIGH"
},
"details": "A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device.\n\nWhen static route points to a\u00a0reject\u00a0next hop and a gNMI query is processed for that static route,\u00a0rpd crashes and restarts.\n\nThis issue affects:\n\nJunos OS:\u00a0 * all versions before 21.2R3-S9,\n * 21.4 versions before 21.4R3-S10,\u00a0\n * 22.2 versions before 22.2R3-S6,\n * 22.4 versions before 22.4R3-S6,\n * 23.2 versions before 23.2R2-S3,\n * 23.4 versions before 23.4R2-S4,\n * 24.2 versions before 24.2R1-S2, 24.2R2;\n\n\nJunos OS Evolved:\n\n\n\n * all versions before 22.4R3-S7-EVO,\n * 23.2-EVO \n\n versions before 23.2R2-S3-EVO,\n * 23.4-EVO versions before 23.4R2-S4-EVO,\n * 24.2-EVO versions before 24.2R2-EVO.",
"id": "GHSA-cf83-h37v-rjpm",
"modified": "2025-07-11T18:30:33Z",
"published": "2025-07-11T18:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52984"
},
{
"type": "WEB",
"url": "https://supportportal.juniper.net/JSA100090"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X",
"type": "CVSS_V4"
}
]
}
WID-SEC-W-2025-1519
Vulnerability from csaf_certbund - Published: 2025-07-09 22:00 - Updated: 2025-10-08 22:00Summary
Juniper JUNOS: Mehrere Schwachstellen ermöglichen Privilegieneskalation
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: JUNOS ist das "Juniper Network Operating System", das in Juniper Appliances verwendet wird.
Die Juniper MX-Serie ist eine Produktfamilie von Routern.
SRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper.
Juniper Security Director ermöglicht die Verwaltung und Kontrolle von Sicherheitsrichtlinien für lokale Infrastrukturen über eine zentrale, webbasierte Benutzeroberfläche.
Angriff: Ein entfernter Angreifer kann mehrere Schwachstellen in Juniper JUNOS, Juniper MX Series, Juniper SRX Series und Juniper Security Director ausnutzen, um Daten zu manipulieren oder offenzulegen, Sicherheitsmaßnahmen zu umgehen, Code auszuführen, einen Denial of Service zu verursachen oder seine Privilegien zu erweitern.
Betroffene Betriebssysteme: - Juniper Appliance
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Juniper JUNOS Evolved
Juniper / JUNOS
|
cpe:/o:juniper:junos:evolved
|
Evolved | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Juniper Security Director
Juniper
|
cpe:/a:juniper:security_director:-
|
— | |
|
Juniper MX Series
Juniper
|
cpe:/h:juniper:mx:-
|
— | |
|
Juniper Junos Space <24.1R4
Juniper / Junos Space
|
<24.1R4 | ||
|
Juniper Junos Space Security Director <24.1R4
Juniper / Junos Space
|
Security Director <24.1R4 | ||
|
Juniper JUNOS
Juniper / JUNOS
|
cpe:/o:juniper:junos:-
|
— |
References
34 references
| URL | Category |
|---|---|
| https://wid.cert-bund.de/.well-known/csaf/white/2… | self |
| https://wid.cert-bund.de/portal/wid/securityadvis… | self |
| https://supportportal.juniper.net/s/global-search… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
| https://supportportal.juniper.net/s/article/2025-… | external |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.\r\nDie Juniper MX-Serie ist eine Produktfamilie von Routern.\r\nSRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper.\r\nJuniper Security Director erm\u00f6glicht die Verwaltung und Kontrolle von Sicherheitsrichtlinien f\u00fcr lokale Infrastrukturen \u00fcber eine zentrale, webbasierte Benutzeroberfl\u00e4che.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter Angreifer kann mehrere Schwachstellen in Juniper JUNOS, Juniper MX Series, Juniper SRX Series und Juniper Security Director ausnutzen, um Daten zu manipulieren oder offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, Code auszuf\u00fchren, einen Denial of Service zu verursachen oder seine Privilegien zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Juniper Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1519 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1519.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1519 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1519"
},
{
"category": "external",
"summary": "Juniper Security Advisories vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/global-search/%40uri?language=en_US#sortCriteria=date%20descending\u0026f-sf_primarysourcename=Knowledge\u0026f-sf_articletype=Security%20Advisories\u0026numberOfResults=30"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2024-3596 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Vulnerability-in-the-RADIUS-protocol-for-Subscriber-Management-Blast-RADIUS-CVE-2024-3596"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-26466-resolved-in-9-3R2-release vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-CTPView-OpenSSH-vulnerability-CVE-2025-26466-resolved-in-9-3R2-release"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-30661 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Low-privileged-user-can-cause-script-to-run-as-root-leading-to-privilege-escalation-CVE-2025-30661"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52946 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-traceoptions-enabled-receipt-of-malformed-AS-PATH-causes-RPD-crash-CVE-2025-52946"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52947 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-ACX-Series-When-hot-standby-mode-is-configured-for-an-L2-circuit-interface-flap-causes-the-FEB-to-crash"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52948 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Specific-unknown-traffic-pattern-causes-FPC-and-system-to-crash-when-packet-capturing-is-enabled-CVE-2025-52948"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52949 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-EVPN-environment-receipt-of-a-specifically-malformed-BGP-update-causes-RPD-crash-CVE-2025-52949"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52950 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Juniper-Security-Director-Insufficient-authorization-for-multiple-endpoints-in-web-interface-CVE-2025-52950"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52951 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-IPv6-firewall-filter-fails-to-match-payload-protocol-CVE-2025-52951"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52952 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-MX-Series-with-MPC-BUILTIN-MPC-1-through-MPC-9-Receipt-and-processing-of-a-malformed-packet-causes-one-or-more-FPCs-to-crash-CVE-2025-52952"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52953 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-unauthenticated-adjacent-attacker-sending-a-valid-BGP-UPDATE-packet-forces-a-BGP-session-reset-CVE-2025-52953"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52954 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Evolved-A-low-privileged-user-can-execute-CLI-commands-and-modify-the-configuration-compromise-the-system-CVE-2025-52954"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52955 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-When-jflow-sflow-is-enabled-receipt-of-specific-route-updates-causes-rpd-crash-CVE-2025-52955"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52958 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-route-validation-is-enabled-BGP-connection-establishment-failure-causes-RPD-crash-CVE-2025-52958"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52963 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-A-low-privileged-user-can-disable-an-interface-CVE-2025-52963"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52964 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-BGP-UPDATE-causes-an-rpd-crash-on-devices-with-BGP-multipath-configured-CVE-2025-52964"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52980 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-SRX300-Series-Upon-receiving-a-specific-valid-BGP-UPDATE-message-rpd-will-crash-CVE-2025-52980"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52981 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-SRX-Series-Sequence-of-specific-PIM-packets-causes-a-flowd-crash-CVE-2025-52981"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52982 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-MX-Series-When-specific-SIP-packets-are-processed-the-MS-MPC-will-crash-CVE-2025-52982"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52983 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-After-removing-ssh-public-key-authentication-root-can-still-log-in-CVE-2025-52983"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52984 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-a-static-route-points-to-an-unreachable-next-hop-and-a-gNMI-query-for-this-route-is-processed-RPD-crashes-CVE-2025-52984"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52985 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Evolved-When-a-control-plane-firewall-filter-refers-to-a-prefix-list-with-more-then-10-entries-it-s-not-matching-CVE-2025-52985"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52986 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-RIB-sharding-is-configured-each-time-a-show-command-is-executed-RPD-memory-leaks-CVE-2025-52986"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52988 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Privilege-escalation-via-CLI-command-request-system-logout-CVE-2025-52988"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-52989 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Annotate-configuration-command-can-be-used-for-privilege-escalation-CVE-2025-52989"
},
{
"category": "external",
"summary": "Juniper Security Bulletin CVE-2025-6549 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-SRX-Series-J-Web-can-be-exposed-on-additional-interfaces-CVE-2025-6549"
},
{
"category": "external",
"summary": "Juniper Security Bulletin VU#199397 vom 2025-07-09",
"url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-for-Insecure-Implementation-of-Tunneling-Protocols-GRE-IPIP-4in6-6in4-VU-199397"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA103141 vom 2024-10-08",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R4-release"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA103139 vom 2024-10-08",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-24-1R4"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA103138 vom 2024-10-08",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-24-1R4-by-upgrading-Log4j-Java-library-to-2-23-1-and-ElasticSearch-to-6-8-17"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA103140 vom 2024-10-08",
"url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Multiple-XSS-vulnerabilities-resolved-in-24-1R4-release"
}
],
"source_lang": "en-US",
"title": "Juniper JUNOS: Mehrere Schwachstellen erm\u00f6glichen Privilegieneskalation",
"tracking": {
"current_release_date": "2025-10-08T22:00:00.000+00:00",
"generator": {
"date": "2025-10-09T07:29:59.775+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1519",
"initial_release_date": "2025-07-09T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-09T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-07-13T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2025-21162, EUVD-2025-21161, EUVD-2025-21160, EUVD-2025-21158, EUVD-2025-21157, EUVD-2025-21165, EUVD-2025-21167, EUVD-2025-21156, EUVD-2025-21155, EUVD-2025-21166, EUVD-2025-21163"
},
{
"date": "2025-10-08T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Juniper aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Juniper JUNOS",
"product": {
"name": "Juniper JUNOS",
"product_id": "T032362",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:-"
}
}
},
{
"category": "product_version",
"name": "Evolved",
"product": {
"name": "Juniper JUNOS Evolved",
"product_id": "T042696",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:evolved"
}
}
}
],
"category": "product_name",
"name": "JUNOS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Security Director \u003c24.1R4",
"product": {
"name": "Juniper Junos Space Security Director \u003c24.1R4",
"product_id": "T047484"
}
},
{
"category": "product_version",
"name": "Security Director 24.1R4",
"product": {
"name": "Juniper Junos Space Security Director 24.1R4",
"product_id": "T047484-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:24.1r4::security_director"
}
}
},
{
"category": "product_version_range",
"name": "\u003c24.1R4",
"product": {
"name": "Juniper Junos Space \u003c24.1R4",
"product_id": "T047485"
}
},
{
"category": "product_version",
"name": "24.1R4",
"product": {
"name": "Juniper Junos Space 24.1R4",
"product_id": "T047485-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:24.1r4"
}
}
}
],
"category": "product_name",
"name": "Junos Space"
},
{
"category": "product_name",
"name": "Juniper MX Series",
"product": {
"name": "Juniper MX Series",
"product_id": "918766",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:mx:-"
}
}
},
{
"category": "product_name",
"name": "Juniper SRX Series",
"product": {
"name": "Juniper SRX Series",
"product_id": "T045305",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:srx_service_gateways:-"
}
}
},
{
"category": "product_name",
"name": "Juniper Security Director",
"product": {
"name": "Juniper Security Director",
"product_id": "T045307",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:security_director:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-3596",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2024-3596"
},
{
"cve": "CVE-2025-26466",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-26466"
},
{
"cve": "CVE-2025-30661",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-30661"
},
{
"cve": "CVE-2025-52946",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52946"
},
{
"cve": "CVE-2025-52947",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52947"
},
{
"cve": "CVE-2025-52948",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52948"
},
{
"cve": "CVE-2025-52949",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52949"
},
{
"cve": "CVE-2025-52950",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52950"
},
{
"cve": "CVE-2025-52951",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52951"
},
{
"cve": "CVE-2025-52952",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52952"
},
{
"cve": "CVE-2025-52953",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52953"
},
{
"cve": "CVE-2025-52954",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52954"
},
{
"cve": "CVE-2025-52955",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52955"
},
{
"cve": "CVE-2025-52958",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52958"
},
{
"cve": "CVE-2025-52963",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52963"
},
{
"cve": "CVE-2025-52964",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52964"
},
{
"cve": "CVE-2025-52980",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52980"
},
{
"cve": "CVE-2025-52981",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52981"
},
{
"cve": "CVE-2025-52982",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52982"
},
{
"cve": "CVE-2025-52983",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52983"
},
{
"cve": "CVE-2025-52984",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52984"
},
{
"cve": "CVE-2025-52985",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52985"
},
{
"cve": "CVE-2025-52986",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52986"
},
{
"cve": "CVE-2025-52988",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52988"
},
{
"cve": "CVE-2025-52989",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-52989"
},
{
"cve": "CVE-2025-6549",
"product_status": {
"known_affected": [
"T042696",
"T045305",
"T045307",
"918766",
"T047485",
"T047484",
"T032362"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-6549"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…