cvelistv5 - cve-2025-52958

CVE-2025-52958 (GCVE-0-2025-52958)

Vulnerability from cvelistv5

Published

2025-07-11 14:43

Modified

2025-07-11 14:55

Severity ?

5.3 (Medium) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
6.0 (Medium) - CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:A/RE:M/U:Green

CWE

CWE-617 - Reachable Assertion

Summary

A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition during BGP initial session establishment can lead to an rpd crash and restart. This occurs specifically when the connection request fails during error-handling scenario. Continued session establishment failures leads to a sustained DoS condition. This issue affects Junos OS: * All versions before 22.2R3-S6, * from 22.4 before 22.4R3-S6, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2-S4, * from 24.2 before 24.2R2; Junos OS Evolved: * All versions before 22.2R3-S6-EVO, * from 22.4 before 22.4R3-S6-EVO, * from 23.2 before 23.2R2-S3-EVO, * from 23.4 before 23.4R2-S4-EVO, * from 24.2 before 24.2R2-EVO.

References

URL

Tags

sirt@juniper.net

https://supportportal.juniper.net/JSA100066

Impacted products

Vendor

Product

Version

Juniper Networks

Junos OS

Version: 0   ≤
Version: 22.4   ≤
Version: 23.2   ≤
Version: 23.4   ≤
Version: 24.2   ≤

Juniper Networks

Junos OS Evolved

Version: 0   ≤
Version: 22.4   ≤
Version: 23.2   ≤
Version: 23.4   ≤
Version: 24.2   ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-52958",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-11T14:55:42.909359Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-11T14:55:56.096Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "22.2R3-S6",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R3-S6",
              "status": "affected",
              "version": "22.4",
              "versionType": "semver"
            },
            {
              "lessThan": "23.2R2-S3",
              "status": "affected",
              "version": "23.2",
              "versionType": "semver"
            },
            {
              "lessThan": "23.4R2-S4",
              "status": "affected",
              "version": "23.4",
              "versionType": "semver"
            },
            {
              "lessThan": "24.2R2",
              "status": "affected",
              "version": "24.2",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Junos OS Evolved",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "22.2R3-S6-EVO",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R3-S6-EVO",
              "status": "affected",
              "version": "22.4",
              "versionType": "semver"
            },
            {
              "lessThan": "23.2R2-S3-EVO",
              "status": "affected",
              "version": "23.2",
              "versionType": "semver"
            },
            {
              "lessThan": "23.4R2-S4-EVO",
              "status": "affected",
              "version": "23.4",
              "versionType": "semver"
            },
            {
              "lessThan": "24.2R2-EVO",
              "status": "affected",
              "version": "24.2",
              "versionType": "semver"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe following minimal configuration is required:\u003c/p\u003e \u003ctt\u003e[protocols bgp]\u003cbr\u003e\u003c/tt\u003e\u003ctt\u003e[routing-options validation]\u003c/tt\u003e"
            }
          ],
          "value": "The following minimal configuration is required:\n\n [protocols bgp]\n[routing-options validation]"
        }
      ],
      "datePublic": "2025-07-09T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper\u0026nbsp;\u003c/span\u003eNetworks Junos OS and Junos OS Evolved allows an adjacent,\u0026nbsp;unauthenticated\u0026nbsp;attacker to cause a Denial of Service (DoS).\u003cp\u003eOn all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition during BGP initial session establishment can lead to an rpd crash and restart. This occurs specifically when the connection request fails during error-handling scenario.\u003c/p\u003e\u003cp\u003eContinued session establishment failures leads to a sustained DoS condition.\u0026nbsp;\u003c/p\u003e\u003cp\u003eThis issue affects Junos OS:\u003c/p\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAll versions before 22.2R3-S6, \u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efrom 22.4 before 22.4R3-S6, \u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efrom 23.2 before 23.2R2-S3, \u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efrom 23.4 before 23.4R2-S4, \u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efrom 24.2 before 24.2R2; \u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003eJunos OS Evolved: \u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAll versions before 22.2R3-S6-EVO, \u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efrom 22.4 before\u0026nbsp;22.4R3-S6-EVO,\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efrom 23.2 before\u0026nbsp;23.2R2-S3-EVO,\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efrom 23.4 before 23.4R2-S4-EVO, \u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efrom 24.2 before 24.2R2-EVO.\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e"
            }
          ],
          "value": "A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper\u00a0Networks Junos OS and Junos OS Evolved allows an adjacent,\u00a0unauthenticated\u00a0attacker to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition during BGP initial session establishment can lead to an rpd crash and restart. This occurs specifically when the connection request fails during error-handling scenario.\n\nContinued session establishment failures leads to a sustained DoS condition.\u00a0\n\nThis issue affects Junos OS:\n\n  *  All versions before 22.2R3-S6, \n  *  from 22.4 before 22.4R3-S6, \n  *  from 23.2 before 23.2R2-S3, \n  *  from 23.4 before 23.4R2-S4, \n  *  from 24.2 before 24.2R2; \n\n\n\nJunos OS Evolved: \n  *  All versions before 22.2R3-S6-EVO, \n  *  from 22.4 before\u00a022.4R3-S6-EVO,\n  *  from 23.2 before\u00a023.2R2-S3-EVO,\n  *  from 23.4 before 23.4R2-S4-EVO, \n  *  from 24.2 before 24.2R2-EVO."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "GREEN",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:A/RE:M/U:Green",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-617",
              "description": "CWE-617 Reachable Assertion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-11T14:43:38.431Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportportal.juniper.net/JSA100066"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The following software releases have been updated to resolve this specific issue: \u003cbr\u003e\u003cbr\u003eJunos OS Evolved: 22.2R3-S6-EVO, \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e22.4R3-S6-EVO,\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e23.2R2-S3-EVO,\u0026nbsp;\u003c/span\u003e\u003c/span\u003e23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO, and all subsequent releases.\u003cbr\u003e\u003cbr\u003eJunos OS: 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases."
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS Evolved: 22.2R3-S6-EVO, 22.4R3-S6-EVO,\u00a023.2R2-S3-EVO,\u00a023.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO, and all subsequent releases.\n\nJunos OS: 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA100066",
        "defect": [
          "1851205"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS and Junos OS Evolved: When route validation is enabled, BGP connection establishment failure causes RPD crash",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "There are no known workarounds for this issue."
            }
          ],
          "value": "There are no known workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2025-52958",
    "datePublished": "2025-07-11T14:43:38.431Z",
    "dateReserved": "2025-06-23T13:17:37.424Z",
    "dateUpdated": "2025-07-11T14:55:56.096Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-52958\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2025-07-11T15:15:26.627\",\"lastModified\":\"2025-07-15T13:14:49.980\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper\u00a0Networks Junos OS and Junos OS Evolved allows an adjacent,\u00a0unauthenticated\u00a0attacker to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition during BGP initial session establishment can lead to an rpd crash and restart. This occurs specifically when the connection request fails during error-handling scenario.\\n\\nContinued session establishment failures leads to a sustained DoS condition.\u00a0\\n\\nThis issue affects Junos OS:\\n\\n  *  All versions before 22.2R3-S6, \\n  *  from 22.4 before 22.4R3-S6, \\n  *  from 23.2 before 23.2R2-S3, \\n  *  from 23.4 before 23.4R2-S4, \\n  *  from 24.2 before 24.2R2; \\n\\n\\n\\nJunos OS Evolved: \\n  *  All versions before 22.2R3-S6-EVO, \\n  *  from 22.4 before\u00a022.4R3-S6-EVO,\\n  *  from 23.2 before\u00a023.2R2-S3-EVO,\\n  *  from 23.4 before 23.4R2-S4-EVO, \\n  *  from 24.2 before 24.2R2-EVO.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de aserci\u00f3n alcanzable en el daemon de protocolo de enrutamiento (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante adyacente no autenticado provoque una denegaci\u00f3n de servicio (DoS). En todos los dispositivos Junos OS y Junos OS Evolved, cuando la validaci\u00f3n de ruta est\u00e1 habilitada, una condici\u00f3n poco com\u00fan durante el establecimiento de la sesi\u00f3n inicial de BGP puede provocar un bloqueo y reinicio del rpd. Esto ocurre espec\u00edficamente cuando la solicitud de conexi\u00f3n falla durante un escenario de manejo de errores. Los fallos continuos en el establecimiento de la sesi\u00f3n conducen a una condici\u00f3n de DoS sostenida. Este problema afecta a Junos OS: * Todas las versiones anteriores a 22.2R3-S6, * desde 22.4 hasta 22.4R3-S6, * desde 23.2 hasta 23.2R2-S3, * desde 23.4 hasta 23.4R2-S4, * desde 24.2 hasta 24.2R2; Junos OS Evolved: * Todas las versiones anteriores a 22.2R3-S6-EVO, * desde 22.4 hasta 22.4R3-S6-EVO, * desde 23.2 hasta 23.2R2-S3-EVO, * desde 23.4 hasta 23.4R2-S4-EVO, * desde 24.2 hasta 24.2R2-EVO.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:A/V:X/RE:M/U:Green\",\"baseScore\":6.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"LOW\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"AUTOMATIC\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"GREEN\"}}],\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-617\"}]}],\"references\":[{\"url\":\"https://supportportal.juniper.net/JSA100066\",\"source\":\"sirt@juniper.net\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-52958\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-11T14:55:42.909359Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-11T14:55:47.158Z\"}}], \"cna\": {\"title\": \"Junos OS and Junos OS Evolved: When route validation is enabled, BGP connection establishment failure causes RPD crash\", \"source\": {\"defect\": [\"1851205\"], \"advisory\": \"JSA100066\", \"discovery\": \"USER\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"AUTOMATIC\", \"baseScore\": 6, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"ADJACENT\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:A/RE:M/U:Green\", \"providerUrgency\": \"GREEN\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"LOW\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Juniper Networks\", \"product\": \"Junos OS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"22.2R3-S6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.4\", \"lessThan\": \"22.4R3-S6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.2\", \"lessThan\": \"23.2R2-S3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.4\", \"lessThan\": \"23.4R2-S4\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"24.2\", \"lessThan\": \"24.2R2\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Juniper Networks\", \"product\": \"Junos OS Evolved\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"22.2R3-S6-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.4\", \"lessThan\": \"22.4R3-S6-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.2\", \"lessThan\": \"23.2R2-S3-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.4\", \"lessThan\": \"23.4R2-S4-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"24.2\", \"lessThan\": \"24.2R2-EVO\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"base64\": false}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"The following software releases have been updated to resolve this specific issue: \\n\\nJunos OS Evolved: 22.2R3-S6-EVO, 22.4R3-S6-EVO,\\u00a023.2R2-S3-EVO,\\u00a023.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO, and all subsequent releases.\\n\\nJunos OS: 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The following software releases have been updated to resolve this specific issue: \u003cbr\u003e\u003cbr\u003eJunos OS Evolved: 22.2R3-S6-EVO, \u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e22.4R3-S6-EVO,\u0026nbsp;\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e23.2R2-S3-EVO,\u0026nbsp;\u003c/span\u003e\u003c/span\u003e23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO, and all subsequent releases.\u003cbr\u003e\u003cbr\u003eJunos OS: 22.2R3-S6, 22.4R3-S6, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases.\", \"base64\": false}]}], \"datePublic\": \"2025-07-09T16:00:00.000Z\", \"references\": [{\"url\": \"https://supportportal.juniper.net/JSA100066\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"There are no known workarounds for this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"There are no known workarounds for this issue.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper\\u00a0Networks Junos OS and Junos OS Evolved allows an adjacent,\\u00a0unauthenticated\\u00a0attacker to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition during BGP initial session establishment can lead to an rpd crash and restart. This occurs specifically when the connection request fails during error-handling scenario.\\n\\nContinued session establishment failures leads to a sustained DoS condition.\\u00a0\\n\\nThis issue affects Junos OS:\\n\\n  *  All versions before 22.2R3-S6, \\n  *  from 22.4 before 22.4R3-S6, \\n  *  from 23.2 before 23.2R2-S3, \\n  *  from 23.4 before 23.4R2-S4, \\n  *  from 24.2 before 24.2R2; \\n\\n\\n\\nJunos OS Evolved: \\n  *  All versions before 22.2R3-S6-EVO, \\n  *  from 22.4 before\\u00a022.4R3-S6-EVO,\\n  *  from 23.2 before\\u00a023.2R2-S3-EVO,\\n  *  from 23.4 before 23.4R2-S4-EVO, \\n  *  from 24.2 before 24.2R2-EVO.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eA Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper\u0026nbsp;\u003c/span\u003eNetworks Junos OS and Junos OS Evolved allows an adjacent,\u0026nbsp;unauthenticated\u0026nbsp;attacker to cause a Denial of Service (DoS).\u003cp\u003eOn all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition during BGP initial session establishment can lead to an rpd crash and restart. This occurs specifically when the connection request fails during error-handling scenario.\u003c/p\u003e\u003cp\u003eContinued session establishment failures leads to a sustained DoS condition.\u0026nbsp;\u003c/p\u003e\u003cp\u003eThis issue affects Junos OS:\u003c/p\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eAll versions before 22.2R3-S6, \u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003efrom 22.4 before 22.4R3-S6, \u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003efrom 23.2 before 23.2R2-S3, \u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003efrom 23.4 before 23.4R2-S4, \u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003efrom 24.2 before 24.2R2; \u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003eJunos OS Evolved: \u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eAll versions before 22.2R3-S6-EVO, \u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003efrom 22.4 before\u0026nbsp;22.4R3-S6-EVO,\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003efrom 23.2 before\u0026nbsp;23.2R2-S3-EVO,\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003efrom 23.4 before 23.4R2-S4-EVO, \u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003efrom 24.2 before 24.2R2-EVO.\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-617\", \"description\": \"CWE-617 Reachable Assertion\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"The following minimal configuration is required:\\n\\n [protocols bgp]\\n[routing-options validation]\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eThe following minimal configuration is required:\u003c/p\u003e \u003ctt\u003e[protocols bgp]\u003cbr\u003e\u003c/tt\u003e\u003ctt\u003e[routing-options validation]\u003c/tt\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"shortName\": \"juniper\", \"dateUpdated\": \"2025-07-11T14:43:38.431Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-52958\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-11T14:55:56.096Z\", \"dateReserved\": \"2025-06-23T13:17:37.424Z\", \"assignerOrgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"datePublished\": \"2025-07-11T14:43:38.431Z\", \"assignerShortName\": \"juniper\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

fkie_cve-2025-52958

Vulnerability from fkie_nvd

Published

2025-07-11 15:15

Modified

2025-07-15 13:14

Severity ?

5.3 (Medium) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	sirt@juniper.net	https://supportportal.juniper.net/JSA100066

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper\u00a0Networks Junos OS and Junos OS Evolved allows an adjacent,\u00a0unauthenticated\u00a0attacker to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition during BGP initial session establishment can lead to an rpd crash and restart. This occurs specifically when the connection request fails during error-handling scenario.\n\nContinued session establishment failures leads to a sustained DoS condition.\u00a0\n\nThis issue affects Junos OS:\n\n  *  All versions before 22.2R3-S6, \n  *  from 22.4 before 22.4R3-S6, \n  *  from 23.2 before 23.2R2-S3, \n  *  from 23.4 before 23.4R2-S4, \n  *  from 24.2 before 24.2R2; \n\n\n\nJunos OS Evolved: \n  *  All versions before 22.2R3-S6-EVO, \n  *  from 22.4 before\u00a022.4R3-S6-EVO,\n  *  from 23.2 before\u00a023.2R2-S3-EVO,\n  *  from 23.4 before 23.4R2-S4-EVO, \n  *  from 24.2 before 24.2R2-EVO."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de aserci\u00f3n alcanzable en el daemon de protocolo de enrutamiento (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante adyacente no autenticado provoque una denegaci\u00f3n de servicio (DoS). En todos los dispositivos Junos OS y Junos OS Evolved, cuando la validaci\u00f3n de ruta est\u00e1 habilitada, una condici\u00f3n poco com\u00fan durante el establecimiento de la sesi\u00f3n inicial de BGP puede provocar un bloqueo y reinicio del rpd. Esto ocurre espec\u00edficamente cuando la solicitud de conexi\u00f3n falla durante un escenario de manejo de errores. Los fallos continuos en el establecimiento de la sesi\u00f3n conducen a una condici\u00f3n de DoS sostenida. Este problema afecta a Junos OS: * Todas las versiones anteriores a 22.2R3-S6, * desde 22.4 hasta 22.4R3-S6, * desde 23.2 hasta 23.2R2-S3, * desde 23.4 hasta 23.4R2-S4, * desde 24.2 hasta 24.2R2; Junos OS Evolved: * Todas las versiones anteriores a 22.2R3-S6-EVO, * desde 22.4 hasta 22.4R3-S6-EVO, * desde 23.2 hasta 23.2R2-S3-EVO, * desde 23.4 hasta 23.4R2-S4-EVO, * desde 24.2 hasta 24.2R2-EVO."
    }
  ],
  "id": "CVE-2025-52958",
  "lastModified": "2025-07-15T13:14:49.980",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 3.6,
        "source": "sirt@juniper.net",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "AUTOMATIC",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "HIGH",
          "attackRequirements": "PRESENT",
          "attackVector": "ADJACENT",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "GREEN",
          "subAvailabilityImpact": "LOW",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:A/V:X/RE:M/U:Green",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "MODERATE"
        },
        "source": "sirt@juniper.net",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-11T15:15:26.627",
  "references": [
    {
      "source": "sirt@juniper.net",
      "url": "https://supportportal.juniper.net/JSA100066"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-617"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Primary"
    }
  ]
}

ghsa-5694-q557-w4rg

Vulnerability from github

Published

2025-07-11 15:31

Modified

2025-07-11 15:31

Severity ?

5.3 (Medium) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
6.0 (Medium) - CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:A/RE:M/U:Green

Details

Continued session establishment failures leads to a sustained DoS condition.

This issue affects Junos OS:

All versions before 22.2R3-S6,
from 22.4 before 22.4R3-S6,
from 23.2 before 23.2R2-S3,
from 23.4 before 23.4R2-S4,
from 24.2 before 24.2R2;

Junos OS Evolved: * All versions before 22.2R3-S6-EVO, * from 22.4 before 22.4R3-S6-EVO, * from 23.2 before 23.2R2-S3-EVO, * from 23.4 before 23.4R2-S4-EVO, * from 24.2 before 24.2R2-EVO.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-52958"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-617"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-11T15:15:26Z",
    "severity": "MODERATE"
  },
  "details": "A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper\u00a0Networks Junos OS and Junos OS Evolved allows an adjacent,\u00a0unauthenticated\u00a0attacker to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition during BGP initial session establishment can lead to an rpd crash and restart. This occurs specifically when the connection request fails during error-handling scenario.\n\nContinued session establishment failures leads to a sustained DoS condition.\u00a0\n\nThis issue affects Junos OS:\n\n  *  All versions before 22.2R3-S6, \n  *  from 22.4 before 22.4R3-S6, \n  *  from 23.2 before 23.2R2-S3, \n  *  from 23.4 before 23.4R2-S4, \n  *  from 24.2 before 24.2R2; \n\n\n\nJunos OS Evolved: \n  *  All versions before 22.2R3-S6-EVO, \n  *  from 22.4 before\u00a022.4R3-S6-EVO,\n  *  from 23.2 before\u00a023.2R2-S3-EVO,\n  *  from 23.4 before 23.4R2-S4-EVO, \n  *  from 24.2 before 24.2R2-EVO.",
  "id": "GHSA-5694-q557-w4rg",
  "modified": "2025-07-11T15:31:39Z",
  "published": "2025-07-11T15:31:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52958"
    },
    {
      "type": "WEB",
      "url": "https://supportportal.juniper.net/JSA100066"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:A/V:X/RE:M/U:Green",
      "type": "CVSS_V4"
    }
  ]
}

CERTFR-2025-AVI-0583

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Juniper Networks	Apstra	Apstra versions antérieures à 6.0.0
Juniper Networks	Security Director	Security Director versions antérieures à 24.4.1-1703
Juniper Networks	CTPView	CTPview versions antérieures à 9.3R2
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 21.4R3-S7-EVO, 22.2R3-S6-EVO, 22.2R3-S7-EVO, 22.3R3-S3-EVO, 22.4R3-S5-EVO, 22.4R3-S6-EVO, 22.4R3-S7-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.2R2-S3-EVO, 23.2R2-S4-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 23.4R2-S4-EVO, 23.4R2-S5-EVO, 24.2R1-EVO, 24.2R2-EVO, 24.2R2-S1-EVO, 24.4R1-EVO, 24.4R1-S2-EVO, 24.4R1-S3-EVO, 24.4R2-EVO, 25.1R1-EVO et 25.2R1-EVO
Juniper Networks	Junos OS	Junos OS versions antérieures à 21.2R3-S9, 21.4R3-S10, 21.4R3-S11, 21.4R3-S7, 21.4R3-S8, 21.4R3-S9, 22.2R3-S1, 22.2R3-S4, 22.2R3-S5, 22.2R3-S6, 22.2R3-S7, 22.3R3-S3, 22.4R2, 22.4R3-S2, 22.4R3-S5, 22.4R3-S6, 22.4R3-S7, 23.2R1, 23.2R2, 23.2R2-S1, 23.2R2-S3, 23.2R2-S4, 23.4R1-S2, 23.4R2, 23.4R2-S3, 23.4R2-S4, 23.4R2-S5, 24.2R1, 24.2R1-S1, 24.2R1-S2, 24.2R2, 24.2R2-S1, 24.4R1, 24.4R1-S2, 24.4R1-S3, 24.4R2 et 25.2R1

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper Networks CVE-2025-52988	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52963	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52958	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52985	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52986	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2024-3596	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52989	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52981	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52983	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52946	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52954	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52953	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52947	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52949	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks 2025-07-Security-Bulletin-Juniper-Apstra-Multiple-Vulnerabilities-resolved-in-Intel-microcode-package	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-26466	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52955	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52952	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-30661	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52951	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52984	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52948	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52964	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52982	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52950	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-52980	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks CVE-2025-6549	2025-07-09	vendor-advisory
Bulletin de sécurité Juniper Networks 2025-07-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-for-Insecure-Implementation-of-Tunneling-Protocols-GRE-IPIP-4in6-6in4-VU-199397	2025-07-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apstra versions ant\u00e9rieures \u00e0 6.0.0",
      "product": {
        "name": "Apstra",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Security Director versions ant\u00e9rieures \u00e0 24.4.1-1703",
      "product": {
        "name": "Security Director",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "CTPview versions ant\u00e9rieures \u00e0 9.3R2",
      "product": {
        "name": "CTPView",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 21.4R3-S7-EVO, 22.2R3-S6-EVO, 22.2R3-S7-EVO, 22.3R3-S3-EVO, 22.4R3-S5-EVO, 22.4R3-S6-EVO, 22.4R3-S7-EVO, 23.2R2-EVO, 23.2R2-S1-EVO, 23.2R2-S3-EVO, 23.2R2-S4-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 23.4R2-S4-EVO, 23.4R2-S5-EVO, 24.2R1-EVO, 24.2R2-EVO, 24.2R2-S1-EVO, 24.4R1-EVO, 24.4R1-S2-EVO, 24.4R1-S3-EVO, 24.4R2-EVO, 25.1R1-EVO et 25.2R1-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 21.2R3-S9, 21.4R3-S10, 21.4R3-S11, 21.4R3-S7, 21.4R3-S8, 21.4R3-S9, 22.2R3-S1, 22.2R3-S4, 22.2R3-S5, 22.2R3-S6, 22.2R3-S7, 22.3R3-S3, 22.4R2, 22.4R3-S2, 22.4R3-S5, 22.4R3-S6, 22.4R3-S7, 23.2R1, 23.2R2, 23.2R2-S1, 23.2R2-S3, 23.2R2-S4, 23.4R1-S2, 23.4R2, 23.4R2-S3, 23.4R2-S4, 23.4R2-S5, 24.2R1, 24.2R1-S1, 24.2R1-S2, 24.2R2, 24.2R2-S1, 24.4R1, 24.4R1-S2, 24.4R1-S3, 24.4R2 et 25.2R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-52984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52984"
    },
    {
      "name": "CVE-2020-10136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10136"
    },
    {
      "name": "CVE-2024-23918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23918"
    },
    {
      "name": "CVE-2024-21820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21820"
    },
    {
      "name": "CVE-2025-52950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52950"
    },
    {
      "name": "CVE-2025-52983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52983"
    },
    {
      "name": "CVE-2025-52952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52952"
    },
    {
      "name": "CVE-2025-52963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52963"
    },
    {
      "name": "CVE-2024-3596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
    },
    {
      "name": "CVE-2025-26466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26466"
    },
    {
      "name": "CVE-2024-23984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23984"
    },
    {
      "name": "CVE-2025-52986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52986"
    },
    {
      "name": "CVE-2025-52988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52988"
    },
    {
      "name": "CVE-2025-52949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52949"
    },
    {
      "name": "CVE-2025-6549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6549"
    },
    {
      "name": "CVE-2025-52954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52954"
    },
    {
      "name": "CVE-2024-7595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7595"
    },
    {
      "name": "CVE-2025-52947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52947"
    },
    {
      "name": "CVE-2025-52958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52958"
    },
    {
      "name": "CVE-2025-52964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52964"
    },
    {
      "name": "CVE-2025-52946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52946"
    },
    {
      "name": "CVE-2024-21853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21853"
    },
    {
      "name": "CVE-2025-52951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52951"
    },
    {
      "name": "CVE-2025-23019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23019"
    },
    {
      "name": "CVE-2025-52955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52955"
    },
    {
      "name": "CVE-2025-23018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23018"
    },
    {
      "name": "CVE-2025-52948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52948"
    },
    {
      "name": "CVE-2025-52981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52981"
    },
    {
      "name": "CVE-2024-24968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24968"
    },
    {
      "name": "CVE-2025-52953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52953"
    },
    {
      "name": "CVE-2025-52985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52985"
    },
    {
      "name": "CVE-2025-52989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52989"
    },
    {
      "name": "CVE-2025-52980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52980"
    },
    {
      "name": "CVE-2025-52982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52982"
    },
    {
      "name": "CVE-2025-30661",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30661"
    }
  ],
  "initial_release_date": "2025-07-10T00:00:00",
  "last_revision_date": "2025-07-10T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0583",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-07-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
  "vendor_advisories": [
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52988",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Privilege-escalation-via-CLI-command-request-system-logout-CVE-2025-52988"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52963",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-A-low-privileged-user-can-disable-an-interface-CVE-2025-52963"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52958",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-route-validation-is-enabled-BGP-connection-establishment-failure-causes-RPD-crash-CVE-2025-52958"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52985",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Evolved-When-a-control-plane-firewall-filter-refers-to-a-prefix-list-with-more-then-10-entries-it-s-not-matching-CVE-2025-52985"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52986",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-RIB-sharding-is-configured-each-time-a-show-command-is-executed-RPD-memory-leaks-CVE-2025-52986"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2024-3596",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Vulnerability-in-the-RADIUS-protocol-for-Subscriber-Management-Blast-RADIUS-CVE-2024-3596"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52989",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Annotate-configuration-command-can-be-used-for-privilege-escalation-CVE-2025-52989"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52981",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-SRX-Series-Sequence-of-specific-PIM-packets-causes-a-flowd-crash-CVE-2025-52981"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52983",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-After-removing-ssh-public-key-authentication-root-can-still-log-in-CVE-2025-52983"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52946",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-traceoptions-enabled-receipt-of-malformed-AS-PATH-causes-RPD-crash-CVE-2025-52946"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52954",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Evolved-A-low-privileged-user-can-execute-CLI-commands-and-modify-the-configuration-compromise-the-system-CVE-2025-52954"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52953",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-unauthenticated-adjacent-attacker-sending-a-valid-BGP-UPDATE-packet-forces-a-BGP-session-reset-CVE-2025-52953"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52947",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-ACX-Series-When-hot-standby-mode-is-configured-for-an-L2-circuit-interface-flap-causes-the-FEB-to-crash"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52949",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-EVPN-environment-receipt-of-a-specifically-malformed-BGP-update-causes-RPD-crash-CVE-2025-52949"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks 2025-07-Security-Bulletin-Juniper-Apstra-Multiple-Vulnerabilities-resolved-in-Intel-microcode-package",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Juniper-Apstra-Multiple-Vulnerabilities-resolved-in-Intel-microcode-package"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-26466",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-CTPView-OpenSSH-vulnerability-CVE-2025-26466-resolved-in-9-3R2-release"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52955",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-When-jflow-sflow-is-enabled-receipt-of-specific-route-updates-causes-rpd-crash-CVE-2025-52955"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52952",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-MX-Series-with-MPC-BUILTIN-MPC-1-through-MPC-9-Receipt-and-processing-of-a-malformed-packet-causes-one-or-more-FPCs-to-crash-CVE-2025-52952"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-30661",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Low-privileged-user-can-cause-script-to-run-as-root-leading-to-privilege-escalation-CVE-2025-30661"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52951",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-IPv6-firewall-filter-fails-to-match-payload-protocol-CVE-2025-52951"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52984",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-a-static-route-points-to-an-unreachable-next-hop-and-a-gNMI-query-for-this-route-is-processed-RPD-crashes-CVE-2025-52984"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52948",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Specific-unknown-traffic-pattern-causes-FPC-and-system-to-crash-when-packet-capturing-is-enabled-CVE-2025-52948"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52964",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-BGP-UPDATE-causes-an-rpd-crash-on-devices-with-BGP-multipath-configured-CVE-2025-52964"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52982",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-MX-Series-When-specific-SIP-packets-are-processed-the-MS-MPC-will-crash-CVE-2025-52982"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52950",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Juniper-Security-Director-Insufficient-authorization-for-multiple-endpoints-in-web-interface-CVE-2025-52950"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-52980",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-SRX300-Series-Upon-receiving-a-specific-valid-BGP-UPDATE-message-rpd-will-crash-CVE-2025-52980"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks CVE-2025-6549",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-SRX-Series-J-Web-can-be-exposed-on-additional-interfaces-CVE-2025-6549"
    },
    {
      "published_at": "2025-07-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks 2025-07-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-for-Insecure-Implementation-of-Tunneling-Protocols-GRE-IPIP-4in6-6in4-VU-199397",
      "url": "https://supportportal.juniper.net/s/article/2025-07-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-for-Insecure-Implementation-of-Tunneling-Protocols-GRE-IPIP-4in6-6in4-VU-199397"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-52958 (GCVE-0-2025-52958)

Vulnerability from cvelistv5

fkie_cve-2025-52958

Vulnerability from fkie_nvd

ghsa-5694-q557-w4rg

Vulnerability from github

CERTFR-2025-AVI-0583

Vulnerability from certfr_avis

Solutions

Tags

Sightings

Nomenclature