cvelistv5 - cve-2025-60004

CVE-2025-60004 (GCVE-0-2025-60004)

Vulnerability from cvelistv5

Published

2025-10-09 16:18

Modified

2025-10-09 19:46

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M

CWE

CWE-754 - Improper Check for Unusual or Exceptional Conditions

Summary

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-Of-Service (DoS). When an affected system receives a specific BGP EVPN update message over an established BGP session, this causes an rpd crash and restart. A BGP EVPN configuration is not necessary to be vulnerable. If peers are not configured to send BGP EVPN updates to a vulnerable device, then this issue can't occur. This issue affects iBGP and eBGP, over IPv4 and IPv6. This issue affects: Junos OS: * 23.4 versions from 23.4R2-S3 before 23.4R2-S5, * 24.2 versions from 24.2R2 before 24.2R2-S1, * 24.4 versions before 24.4R1-S3, 24.4R2; Junos OS Evolved: * 23.4-EVO versions from 23.4R2-S2-EVO before 23.4R2-S5-EVO, * 24.2-EVO versions from 24.2R2-EVO before 24.2R2-S1-EVO, * 24.4-EVO versions before 24.4R1-S3-EVO, 24.4R2-EVO.

References

URL

CERTFR-2025-AVI-0855

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Juniper Networks	Junos OS	Junos OS versions 24.4 antérieures à 24.4R2
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 22.4R3-S8-EVO
Juniper Networks	Junos OS	Junos OS versions 23.4 antérieures à 23.4R2-S5
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S4-EVO
Juniper Networks	Junos OS	Junos OS versions antérieures à 22.4R3-S8
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 24.2-EVO antérieures à 24.2R2-S2-EVO
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 24.4-EVO antérieures à 24.4R2-EVO
Juniper Networks	Junos Space	Junos Space versions antérieures à 24.1R4
Juniper Networks	Security Director	Security Director Policy Enforcer versions antérieures à 23.1R1 Hotpatch v3
Juniper Networks	Junos Space	Junos Space Security Director versions antérieures à 24.1R4
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 23.4-EVO antérieures à 23.4R2-S5-EVO
Juniper Networks	Junos OS	Junos OS versions 23.2 antérieures à 23.2R2-S4
Juniper Networks	Junos OS	Junos OS versions 24.2 antérieures à 24.2R2-S1

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper Networks JSA103140	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103141	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103163	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103168	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103171	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103167	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103156	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103437	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103172	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103157	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103170	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103139	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103151	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103153	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103147	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103144	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103143	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103146	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103138	2025-10-08	vendor-advisory
Bulletin de sécurité Juniper Networks JSA103165	2025-10-08	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS versions 24.4 ant\u00e9rieures \u00e0 24.4R2",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions  ant\u00e9rieures \u00e0 22.4R3-S8-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R2-S5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-S4-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 22.4R3-S8",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 24.2-EVO ant\u00e9rieures \u00e0 24.2R2-S2-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 24.4-EVO ant\u00e9rieures \u00e0 24.4R2-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos Space versions ant\u00e9rieures \u00e0 24.1R4",
      "product": {
        "name": "Junos Space",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Security Director Policy Enforcer versions ant\u00e9rieures \u00e0 23.1R1 Hotpatch v3",
      "product": {
        "name": "Security Director",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos Space Security Director versions ant\u00e9rieures \u00e0 24.1R4",
      "product": {
        "name": "Junos Space",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS Evolved versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R2-S5-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 23.2 ant\u00e9rieures \u00e0 23.2R2-S4",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions 24.2 ant\u00e9rieures \u00e0 24.2R2-S1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-24795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24795"
    },
    {
      "name": "CVE-2024-36903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36903"
    },
    {
      "name": "CVE-2023-44431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44431"
    },
    {
      "name": "CVE-2021-47606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-47606"
    },
    {
      "name": "CVE-2025-59993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59993"
    },
    {
      "name": "CVE-2025-59997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59997"
    },
    {
      "name": "CVE-2023-7104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
    },
    {
      "name": "CVE-2025-59995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59995"
    },
    {
      "name": "CVE-2024-21235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
    },
    {
      "name": "CVE-2023-28466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28466"
    },
    {
      "name": "CVE-2024-36921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36921"
    },
    {
      "name": "CVE-2025-59986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59986"
    },
    {
      "name": "CVE-2025-60009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-60009"
    },
    {
      "name": "CVE-2025-59989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59989"
    },
    {
      "name": "CVE-2024-26897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26897"
    },
    {
      "name": "CVE-2023-46103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46103"
    },
    {
      "name": "CVE-2024-27052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27052"
    },
    {
      "name": "CVE-2023-2235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2235"
    },
    {
      "name": "CVE-2025-59999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59999"
    },
    {
      "name": "CVE-2025-59994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59994"
    },
    {
      "name": "CVE-2024-4076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4076"
    },
    {
      "name": "CVE-2025-59967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59967"
    },
    {
      "name": "CVE-2022-24805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24805"
    },
    {
      "name": "CVE-2024-12797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
    },
    {
      "name": "CVE-2023-3390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3390"
    },
    {
      "name": "CVE-2024-37356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37356"
    },
    {
      "name": "CVE-2024-47538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47538"
    },
    {
      "name": "CVE-2023-4004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4004"
    },
    {
      "name": "CVE-2024-21823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21823"
    },
    {
      "name": "CVE-2025-59991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59991"
    },
    {
      "name": "CVE-2024-5564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5564"
    },
    {
      "name": "CVE-2024-26600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26600"
    },
    {
      "name": "CVE-2023-28746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28746"
    },
    {
      "name": "CVE-2023-52864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52864"
    },
    {
      "name": "CVE-2025-26600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26600"
    },
    {
      "name": "CVE-2024-3596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
    },
    {
      "name": "CVE-2024-27280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
    },
    {
      "name": "CVE-2024-36929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36929"
    },
    {
      "name": "CVE-2023-35788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
    },
    {
      "name": "CVE-2025-59982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59982"
    },
    {
      "name": "CVE-2024-1975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
    },
    {
      "name": "CVE-2023-43785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43785"
    },
    {
      "name": "CVE-2024-30205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30205"
    },
    {
      "name": "CVE-2018-17247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17247"
    },
    {
      "name": "CVE-2025-60004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-60004"
    },
    {
      "name": "CVE-2023-51594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51594"
    },
    {
      "name": "CVE-2024-22025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22025"
    },
    {
      "name": "CVE-2023-50229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50229"
    },
    {
      "name": "CVE-2025-59974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59974"
    },
    {
      "name": "CVE-2025-26598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26598"
    },
    {
      "name": "CVE-2018-3824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3824"
    },
    {
      "name": "CVE-2024-40928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40928"
    },
    {
      "name": "CVE-2024-43398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
    },
    {
      "name": "CVE-2024-8508",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
    },
    {
      "name": "CVE-2024-36020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36020"
    },
    {
      "name": "CVE-2021-45105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
    },
    {
      "name": "CVE-2025-59981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59981"
    },
    {
      "name": "CVE-2023-31248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31248"
    },
    {
      "name": "CVE-2024-1737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
    },
    {
      "name": "CVE-2023-25193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
    },
    {
      "name": "CVE-2021-4104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
    },
    {
      "name": "CVE-2024-30203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30203"
    },
    {
      "name": "CVE-2023-3090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3090"
    },
    {
      "name": "CVE-2024-35937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35937"
    },
    {
      "name": "CVE-2025-59968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59968"
    },
    {
      "name": "CVE-2023-51592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51592"
    },
    {
      "name": "CVE-2025-59990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59990"
    },
    {
      "name": "CVE-2021-22146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22146"
    },
    {
      "name": "CVE-2025-59978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59978"
    },
    {
      "name": "CVE-2024-25629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25629"
    },
    {
      "name": "CVE-2024-36017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36017"
    },
    {
      "name": "CVE-2024-24806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24806"
    },
    {
      "name": "CVE-2024-27434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27434"
    },
    {
      "name": "CVE-2023-47038",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
    },
    {
      "name": "CVE-2024-35852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35852"
    },
    {
      "name": "CVE-2024-38558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38558"
    },
    {
      "name": "CVE-2025-59992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59992"
    },
    {
      "name": "CVE-2024-35845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35845"
    },
    {
      "name": "CVE-2021-41072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41072"
    },
    {
      "name": "CVE-2025-60000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-60000"
    },
    {
      "name": "CVE-2022-24807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24807"
    },
    {
      "name": "CVE-2024-47607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47607"
    },
    {
      "name": "CVE-2024-27065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27065"
    },
    {
      "name": "CVE-2024-36005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36005"
    },
    {
      "name": "CVE-2023-45866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45866"
    },
    {
      "name": "CVE-2023-27349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27349"
    },
    {
      "name": "CVE-2023-0464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
    },
    {
      "name": "CVE-2015-5377",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5377"
    },
    {
      "name": "CVE-2023-48161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48161"
    },
    {
      "name": "CVE-2022-24810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24810"
    },
    {
      "name": "CVE-2024-33621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33621"
    },
    {
      "name": "CVE-2024-27983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
    },
    {
      "name": "CVE-2025-60001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-60001"
    },
    {
      "name": "CVE-2024-5742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5742"
    },
    {
      "name": "CVE-2023-50230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50230"
    },
    {
      "name": "CVE-2025-52960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52960"
    },
    {
      "name": "CVE-2024-36922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36922"
    },
    {
      "name": "CVE-2025-59996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59996"
    },
    {
      "name": "CVE-2024-39487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39487"
    },
    {
      "name": "CVE-2024-27982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
    },
    {
      "name": "CVE-2023-38575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38575"
    },
    {
      "name": "CVE-2024-35911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35911"
    },
    {
      "name": "CVE-2025-59957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59957"
    },
    {
      "name": "CVE-2025-59958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59958"
    },
    {
      "name": "CVE-2021-41043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41043"
    },
    {
      "name": "CVE-2018-17244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17244"
    },
    {
      "name": "CVE-2019-12900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
    },
    {
      "name": "CVE-2024-39908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
    },
    {
      "name": "CVE-2025-26597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26597"
    },
    {
      "name": "CVE-2024-36971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36971"
    },
    {
      "name": "CVE-2023-2603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
    },
    {
      "name": "CVE-2024-41946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
    },
    {
      "name": "CVE-2023-3776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
    },
    {
      "name": "CVE-2024-42934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-42934"
    },
    {
      "name": "CVE-2023-51580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51580"
    },
    {
      "name": "CVE-2024-35848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35848"
    },
    {
      "name": "CVE-2024-27417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27417"
    },
    {
      "name": "CVE-2023-21102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21102"
    },
    {
      "name": "CVE-2024-27281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
    },
    {
      "name": "CVE-2025-59983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59983"
    },
    {
      "name": "CVE-2024-36941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36941"
    },
    {
      "name": "CVE-2024-2236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
    },
    {
      "name": "CVE-2024-38428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
    },
    {
      "name": "CVE-2024-35969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35969"
    },
    {
      "name": "CVE-2021-45046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
    },
    {
      "name": "CVE-2025-60006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-60006"
    },
    {
      "name": "CVE-2024-36489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36489"
    },
    {
      "name": "CVE-2015-1427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1427"
    },
    {
      "name": "CVE-2024-38575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38575"
    },
    {
      "name": "CVE-2024-35899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35899"
    },
    {
      "name": "CVE-2024-35823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35823"
    },
    {
      "name": "CVE-2024-40954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40954"
    },
    {
      "name": "CVE-2024-9632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9632"
    },
    {
      "name": "CVE-2023-38408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
    },
    {
      "name": "CVE-2025-26595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26595"
    },
    {
      "name": "CVE-2024-26868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26868"
    },
    {
      "name": "CVE-2023-43787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43787"
    },
    {
      "name": "CVE-2023-43786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43786"
    },
    {
      "name": "CVE-2024-8235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8235"
    },
    {
      "name": "CVE-2023-4147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4147"
    },
    {
      "name": "CVE-2025-59977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59977"
    },
    {
      "name": "CVE-2023-6004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
    },
    {
      "name": "CVE-2023-3610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3610"
    },
    {
      "name": "CVE-2025-26596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26596"
    },
    {
      "name": "CVE-2024-4603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
    },
    {
      "name": "CVE-2022-48622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48622"
    },
    {
      "name": "CVE-2021-42550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42550"
    },
    {
      "name": "CVE-2021-44228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
    },
    {
      "name": "CVE-2024-26828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26828"
    },
    {
      "name": "CVE-2025-59998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59998"
    },
    {
      "name": "CVE-2024-26808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26808"
    },
    {
      "name": "CVE-2024-30204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30204"
    },
    {
      "name": "CVE-2025-60002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-60002"
    },
    {
      "name": "CVE-2023-35001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
    },
    {
      "name": "CVE-2024-27282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27282"
    },
    {
      "name": "CVE-2018-3831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3831"
    },
    {
      "name": "CVE-2023-43490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43490"
    },
    {
      "name": "CVE-2025-59976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59976"
    },
    {
      "name": "CVE-2025-59980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59980"
    },
    {
      "name": "CVE-2025-26599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26599"
    },
    {
      "name": "CVE-2024-47615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47615"
    },
    {
      "name": "CVE-2018-3823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3823"
    },
    {
      "name": "CVE-2023-22655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-22655"
    },
    {
      "name": "CVE-2024-6126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6126"
    },
    {
      "name": "CVE-2023-4911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
    },
    {
      "name": "CVE-2023-39368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39368"
    },
    {
      "name": "CVE-2021-44832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44832"
    },
    {
      "name": "CVE-2024-26853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26853"
    },
    {
      "name": "CVE-2025-59975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59975"
    },
    {
      "name": "CVE-2025-0624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0624"
    },
    {
      "name": "CVE-2025-59987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59987"
    },
    {
      "name": "CVE-2024-40958",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40958"
    },
    {
      "name": "CVE-2018-3826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3826"
    },
    {
      "name": "CVE-2025-26601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26601"
    },
    {
      "name": "CVE-2024-52337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52337"
    },
    {
      "name": "CVE-2025-59985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59985"
    },
    {
      "name": "CVE-2025-11198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11198"
    },
    {
      "name": "CVE-2022-24806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24806"
    },
    {
      "name": "CVE-2023-32233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
    },
    {
      "name": "CVE-2024-35789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35789"
    },
    {
      "name": "CVE-2024-26327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26327"
    },
    {
      "name": "CVE-2015-3253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3253"
    },
    {
      "name": "CVE-2025-59964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59964"
    },
    {
      "name": "CVE-2025-59988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59988"
    },
    {
      "name": "CVE-2024-21210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
    },
    {
      "name": "CVE-2024-2511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
    },
    {
      "name": "CVE-2024-34397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
    },
    {
      "name": "CVE-2023-45733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45733"
    },
    {
      "name": "CVE-2021-40153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-40153"
    },
    {
      "name": "CVE-2024-6655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6655"
    },
    {
      "name": "CVE-2024-41123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
    },
    {
      "name": "CVE-2024-27049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27049"
    },
    {
      "name": "CVE-2025-59984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59984"
    },
    {
      "name": "CVE-2025-52961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52961"
    },
    {
      "name": "CVE-2023-51589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51589"
    },
    {
      "name": "CVE-2024-21217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
    },
    {
      "name": "CVE-2024-28182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
    },
    {
      "name": "CVE-2021-3903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3903"
    },
    {
      "name": "CVE-2024-35800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35800"
    },
    {
      "name": "CVE-2023-2124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
    },
    {
      "name": "CVE-2023-51596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51596"
    },
    {
      "name": "CVE-2025-60010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-60010"
    },
    {
      "name": "CVE-2023-51764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51764"
    },
    {
      "name": "CVE-2025-26594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26594"
    },
    {
      "name": "CVE-2024-6409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6409"
    },
    {
      "name": "CVE-2024-49761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
    },
    {
      "name": "CVE-2022-24808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24808"
    },
    {
      "name": "CVE-2025-59962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59962"
    },
    {
      "name": "CVE-2024-21208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
    },
    {
      "name": "CVE-2020-11023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
    },
    {
      "name": "CVE-2024-40961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40961"
    }
  ],
  "initial_release_date": "2025-10-09T00:00:00",
  "last_revision_date": "2025-10-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0855",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-10-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
  "vendor_advisories": [
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103140",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Multiple-XSS-vulnerabilities-resolved-in-24-1R4-release"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103141",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R4-release"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103163",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-Multiple-OS-command-injection-vulnerabilities-fixed-CVE-2025-60006"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103168",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Device-allows-login-for-user-with-expired-password-CVE-2025-60010"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103171",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Reflected-client-side-HTTP-parameter-pollution-vulnerability-in-web-interface-CVE-2025-59977"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103167",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-When-a-user-with-the-name-ftp-or-anonymous-is-configured-unauthenticated-filesystem-access-is-allowed-CVE-2025-59980"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103156",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-ACX7024-ACX7024X-ACX7100-32C-ACX7100-48L-ACX7348-ACX7509-When-specific-valid-multicast-traffic-is-received-on-the-L3-interface-a-vulnerable-device-evo-pfemand-crashes-and-restarts-CVE-2025-59967"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103437",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Security-Director-Policy-Enforcer-An-unrestricted-API-allows-a-network-based-unauthenticated-attacker-to-deploy-malicious-vSRX-images-to-VMWare-NSX-Server-CVE-2025-11198"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103172",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Flooding-device-with-inbound-API-calls-leads-to-WebUI-and-CLI-management-access-DoS-CVE-2025-59975"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103157",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Juniper-Security-Director-Insufficient-authorization-for-sensitive-resources-in-web-interface-CVE-2025-59968"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103170",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Arbitrary-file-download-vulnerability-in-web-interface-CVE-2025-59976"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103139",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-24-1R4"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103151",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-BGP-sharding-enabled-change-in-indirect-next-hop-can-cause-RPD-crash-CVE-2025-59962"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103153",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-SRX4700-When-forwarding-options-sampling-is-enabled-any-traffic-destined-to-the-RE-will-cause-the-forwarding-line-card-to-crash-and-restart-CVE-2025-59964"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103147",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-When-firewall-filter-rejects-traffic-these-packets-are-erroneously-sent-to-the-RE-CVE-2025-59958"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103144",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-except-PTX10003-An-unauthenticated-adjacent-attacker-sending-specific-valid-traffic-can-cause-a-memory-leak-in-cfmman-leading-to-FPC-crash-and-restart-CVE-2025-52961"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103143",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-Receipt-of-specific-SIP-packets-in-a-high-utilization-situation-causes-a-flowd-crash-CVE-2025-52960"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103146",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-EX4600-Series-and-QFX5000-Series-An-attacker-with-physical-access-can-open-a-persistent-backdoor-CVE-2025-59957"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103138",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-24-1R4-by-upgrading-Log4j-Java-library-to-2-23-1-and-ElasticSearch-to-6-8-17"
    },
    {
      "published_at": "2025-10-08",
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA103165",
      "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Specific-BGP-EVPN-update-message-causes-rpd-crash-CVE-2025-60004"
    }
  ]
}

ncsc-2025-0305

Vulnerability from csaf_ncscnl

Published

2025-10-13 07:17

Modified

2025-10-13 07:17

Summary

Kwetsbaarheden verholpen in Juniper Networks Junos OS

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Juniper heeft kwetsbaarheden verholpen in Junos OS (Specifiek voor EX4600, QFX5000 Series switches en SRX4700 apparaten).

Interpretaties

De kwetsbaarheden in Junos OS omvatten verschillende ernstige problemen, waaronder de mogelijkheid voor ongeauthenticeerde aanvallers om Denial of Service (DoS) te veroorzaken door het versturen van speciaal vervaardigde pakketten, het manipuleren van URL-parameters, en het omzeilen van authenticatieprocessen. Dit kan leiden tot systeemcrashes, ongeautoriseerde toegang tot gevoelige gegevens, en verstoring van netwerkdiensten. De impact van deze kwetsbaarheden kan aanzienlijk zijn, vooral voor organisaties die afhankelijk zijn van Junos OS voor hun netwerkbeheer.

Oplossingen

Juniper heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-262

Not Using Password Aging

CWE-305

Authentication Bypass by Primary Weakness

CWE-306

Missing Authentication for Critical Function

CWE-346

Origin Validation Error

CWE-400

Uncontrolled Resource Consumption

CWE-476

NULL Pointer Dereference

CWE-552

Files or Directories Accessible to External Parties

CWE-754

Improper Check for Unusual or Exceptional Conditions

CWE-824

Access of Uninitialized Pointer

CWE-908

Use of Uninitialized Resource

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Juniper heeft kwetsbaarheden verholpen in Junos OS (Specifiek voor EX4600, QFX5000 Series switches en SRX4700 apparaten).",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden in Junos OS omvatten verschillende ernstige problemen, waaronder de mogelijkheid voor ongeauthenticeerde aanvallers om Denial of Service (DoS) te veroorzaken door het versturen van speciaal vervaardigde pakketten, het manipuleren van URL-parameters, en het omzeilen van authenticatieprocessen. Dit kan leiden tot systeemcrashes, ongeautoriseerde toegang tot gevoelige gegevens, en verstoring van netwerkdiensten. De impact van deze kwetsbaarheden kan aanzienlijk zijn, vooral voor organisaties die afhankelijk zijn van Junos OS voor hun netwerkbeheer.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Juniper heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
        "title": "CWE-78"
      },
      {
        "category": "general",
        "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
        "title": "CWE-120"
      },
      {
        "category": "general",
        "text": "Not Using Password Aging",
        "title": "CWE-262"
      },
      {
        "category": "general",
        "text": "Authentication Bypass by Primary Weakness",
        "title": "CWE-305"
      },
      {
        "category": "general",
        "text": "Missing Authentication for Critical Function",
        "title": "CWE-306"
      },
      {
        "category": "general",
        "text": "Origin Validation Error",
        "title": "CWE-346"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Files or Directories Accessible to External Parties",
        "title": "CWE-552"
      },
      {
        "category": "general",
        "text": "Improper Check for Unusual or Exceptional Conditions",
        "title": "CWE-754"
      },
      {
        "category": "general",
        "text": "Access of Uninitialized Pointer",
        "title": "CWE-824"
      },
      {
        "category": "general",
        "text": "Use of Uninitialized Resource",
        "title": "CWE-908"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Juniper-Security-Director-Insufficient-authorization-for-sensitive-resources-in-web-interface-CVE-2025-59968"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Device-allows-login-for-user-with-expired-password-CVE-2025-60010"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Specific-BGP-EVPN-update-message-causes-rpd-crash-CVE-2025-60004"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-BGP-sharding-enabled-change-in-indirect-next-hop-can-cause-RPD-crash-CVE-2025-59962"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-ACX7024-ACX7024X-ACX7100-32C-ACX7100-48L-ACX7348-ACX7509-When-specific-valid-multicast-traffic-is-received-on-the-L3-interface-a-vulnerable-device-evo-pfemand-crashes-and-restarts-CVE-2025-59967"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-Multiple-OS-command-injection-vulnerabilities-fixed-CVE-2025-60006"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-except-PTX10003-An-unauthenticated-adjacent-attacker-sending-specific-valid-traffic-can-cause-a-memory-leak-in-cfmman-leading-to-FPC-crash-and-restart-CVE-2025-52961"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-Evolved-PTX-Series-When-firewall-filter-rejects-traffic-these-packets-are-erroneously-sent-to-the-RE-CVE-2025-59958"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-EX4600-Series-and-QFX5000-Series-An-attacker-with-physical-access-can-open-a-persistent-backdoor-CVE-2025-59957"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-Receipt-of-specific-SIP-packets-in-a-high-utilization-situation-causes-a-flowd-crash-CVE-2025-52960"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-SRX4700-When-forwarding-options-sampling-is-enabled-any-traffic-destined-to-the-RE-will-cause-the-forwarding-line-card-to-crash-and-restart-CVE-2025-59964"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-OS-When-a-user-with-the-name-ftp-or-anonymous-is-configured-unauthenticated-filesystem-access-is-allowed-CVE-2025-59980"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Arbitrary-file-download-vulnerability-in-web-interface-CVE-2025-59976"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Flooding-device-with-inbound-API-calls-leads-to-WebUI-and-CLI-management-access-DoS-CVE-2025-59975"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Reflected-client-side-HTTP-parameter-pollution-vulnerability-in-web-interface-CVE-2025-59977"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Security-Director-Policy-Enforcer-An-unrestricted-API-allows-a-network-based-unauthenticated-attacker-to-deploy-malicious-vSRX-images-to-VMWare-NSX-Server-CVE-2025-11198"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Juniper Networks Junos OS",
    "tracking": {
      "current_release_date": "2025-10-13T07:17:00.445318Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2025-0305",
      "initial_release_date": "2025-10-13T07:17:00.445318Z",
      "revision_history": [
        {
          "date": "2025-10-13T07:17:00.445318Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "Junos OS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-2"
                }
              }
            ],
            "category": "product_name",
            "name": "Junos OS Evolved"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-3"
                }
              }
            ],
            "category": "product_name",
            "name": "Junos Space"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-4"
                }
              }
            ],
            "category": "product_name",
            "name": "Junos Space Security Director"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-5"
                }
              }
            ],
            "category": "product_name",
            "name": "SRX Series"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-6"
                }
              }
            ],
            "category": "product_name",
            "name": "Security Director"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-7"
                }
              }
            ],
            "category": "product_name",
            "name": "Security Director Policy Enforcer"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-8"
                }
              }
            ],
            "category": "product_name",
            "name": "vSRX Series"
          }
        ],
        "category": "vendor",
        "name": "Juniper Networks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-11198",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authentication for Critical Function",
          "title": "CWE-306"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks Security Director Policy Enforcer allows unauthenticated attackers to replace legitimate vSRX images with malicious ones during deployment initiated by a trusted user, affecting all versions prior to 23.1R1 Hotpatch v3.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/AU:Y/R:U/V:C/RE:M/U:Red",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-11198 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-11198.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-11198"
    },
    {
      "cve": "CVE-2025-59968",
      "notes": [
        {
          "category": "description",
          "text": "A Missing Authorization vulnerability in Juniper Networks\u0027 Junos Space Security Director allows unauthenticated attackers to read or modify metadata, potentially compromising security on managed SRX Series devices prior to version 24.1R3 Patch V4.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:Green",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59968 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59968.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-59968"
    },
    {
      "cve": "CVE-2025-59975",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks Junos Space\u0027s HTTP daemon allows unauthenticated attackers to flood the device with API calls, causing resource exhaustion and requiring a manual reboot for recovery.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59975 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59975.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-59975"
    },
    {
      "cve": "CVE-2025-59976",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "notes": [
        {
          "category": "other",
          "text": "Files or Directories Accessible to External Parties",
          "title": "CWE-552"
        },
        {
          "category": "description",
          "text": "Juniper Networks Junos Space has an arbitrary file download vulnerability affecting all versions prior to 24.1R3, allowing authenticated attackers to exploit crafted GET methods to access sensitive files on the file system.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59976 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59976.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-59976"
    },
    {
      "cve": "CVE-2025-59977",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks Junos Space allows attackers to exploit URL parameters in the web interface, potentially resulting in unauthorized information disclosure through client-side HTTP parameter pollution.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59977 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59977.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-59977"
    },
    {
      "cve": "CVE-2025-52960",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
          "title": "CWE-120"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks Junos OS\u0027s SIP ALG allows unauthenticated attackers to trigger Denial of Service by sending specific SIP packets during high memory usage, resulting in system crashes.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-52960 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-52960.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-52960"
    },
    {
      "cve": "CVE-2025-59957",
      "cwe": {
        "id": "CWE-346",
        "name": "Origin Validation Error"
      },
      "notes": [
        {
          "category": "other",
          "text": "Origin Validation Error",
          "title": "CWE-346"
        },
        {
          "category": "description",
          "text": "An Origin Validation Error in Juniper Networks Junos OS on EX4600 and QFX5000 Series allows physical access attackers to create a backdoor for system control, especially if the root password is absent.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:X/RE:H/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59957 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59957.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-59957"
    },
    {
      "cve": "CVE-2025-59964",
      "cwe": {
        "id": "CWE-908",
        "name": "Use of Uninitialized Resource"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Uninitialized Resource",
          "title": "CWE-908"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks Junos OS on SRX4700 devices allows unauthenticated attackers to cause Denial of Service by sending traffic to the Routing Engine, resulting in crashes and service disruption.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/AU:Y/R:A/V:C/RE:M/U:Green",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59964 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59964.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-59964"
    },
    {
      "cve": "CVE-2025-59980",
      "cwe": {
        "id": "CWE-305",
        "name": "Authentication Bypass by Primary Weakness"
      },
      "notes": [
        {
          "category": "other",
          "text": "Authentication Bypass by Primary Weakness",
          "title": "CWE-305"
        },
        {
          "category": "description",
          "text": "An authentication bypass vulnerability in Juniper Networks Junos OS FTP server allows unauthenticated attackers to access files with limited read-write permissions if configured for \u0027ftp\u0027 or \u0027anonymous\u0027 users, affecting multiple versions prior to specific updates.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/AU:Y/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59980 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59980.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-59980"
    },
    {
      "cve": "CVE-2025-52961",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks\u0027 Junos OS Evolved allows unauthenticated adjacent attackers to trigger a Denial-of-Service by sending specific traffic, impacting CPU usage and memory in certain PTX models.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:Green",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-52961 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-52961.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-52961"
    },
    {
      "cve": "CVE-2025-59958",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks\u0027 Junos OS Evolved on PTX Series allows unauthenticated attackers to impact confidentiality and availability by improperly processing packets through the Routing Engine with specific firewall filters configured.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:M/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59958 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59958.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-59958"
    },
    {
      "cve": "CVE-2025-59967",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        },
        {
          "category": "description",
          "text": "A NULL Pointer Dereference vulnerability in Juniper Networks\u0027 Junos OS Evolved affects specific ACX devices, enabling unauthenticated adjacent attackers to crash the evo-pfemand process via targeted multicast traffic, resulting in a Denial-of-Service (DoS).",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:Green",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59967 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59967.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-59967"
    },
    {
      "cve": "CVE-2025-60006",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "title": "CWE-78"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks\u0027 Junos OS Evolved allows OS command injection through the CLI, affecting versions 24.2 before 24.2R2-S2-EVO and 24.4 before 24.4R2-EVO, leading to potential privilege escalation.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/AU:Y/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-60006 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-60006.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-60006"
    },
    {
      "cve": "CVE-2025-59962",
      "cwe": {
        "id": "CWE-824",
        "name": "Access of Uninitialized Pointer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Access of Uninitialized Pointer",
          "title": "CWE-824"
        },
        {
          "category": "description",
          "text": "An Access of Uninitialized Pointer vulnerability in Juniper Networks\u0027 Junos OS can lead to a Denial of Service (DoS) by crashing the routing protocol daemon when BGP sharding is enabled.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-59962 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59962.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-59962"
    },
    {
      "cve": "CVE-2025-60004",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks\u0027 Junos OS allows unauthenticated attackers to trigger a Denial-Of-Service by sending specific BGP EVPN update messages, causing the routing protocol daemon to crash and restart.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-60004 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-60004.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-60004"
    },
    {
      "cve": "CVE-2025-60010",
      "cwe": {
        "id": "CWE-262",
        "name": "Not Using Password Aging"
      },
      "notes": [
        {
          "category": "other",
          "text": "Not Using Password Aging",
          "title": "CWE-262"
        },
        {
          "category": "description",
          "text": "A vulnerability in Juniper Networks\u0027 RADIUS client allows authenticated attackers to log in with expired passwords, circumventing the password change policy on affected Junos OS versions.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/RE:M",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-60010 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-60010.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8"
          ]
        }
      ],
      "title": "CVE-2025-60010"
    }
  ]
}

fkie_cve-2025-60004

Vulnerability from fkie_nvd

Published

2025-10-09 17:16

Modified

2025-10-14 19:37

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	sirt@juniper.net	https://supportportal.juniper.net/JSA103165

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-Of-Service (DoS).\n\nWhen an affected system receives a specific BGP EVPN update message over an established BGP session, this causes an rpd crash and restart.\n\nA BGP EVPN configuration is not necessary to be vulnerable. If peers are not configured to send BGP EVPN updates to a vulnerable device, then this issue can\u0027t occur.\n\nThis issue affects iBGP and eBGP, over IPv4 and IPv6.\n\n\nThis issue affects:\nJunos OS:\n  *  23.4 versions from \n\n23.4R2-S3 before\u00a023.4R2-S5,\n  *  24.2 versions from \n\n24.2R2 \n\nbefore 24.2R2-S1,\n  *  24.4 versions before 24.4R1-S3, 24.4R2;\n\n\n\nJunos OS Evolved:\n  *  23.4-EVO versions from 23.4R2-S2-EVO before 23.4R2-S5-EVO,\n  *  24.2-EVO versions from 24.2R2-EVO before 24.2R2-S1-EVO,\n  *  24.4-EVO versions before 24.4R1-S3-EVO, 24.4R2-EVO."
    }
  ],
  "id": "CVE-2025-60004",
  "lastModified": "2025-10-14T19:37:28.107",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "sirt@juniper.net",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "YES",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "LOW",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "MODERATE"
        },
        "source": "sirt@juniper.net",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-10-09T17:16:03.673",
  "references": [
    {
      "source": "sirt@juniper.net",
      "url": "https://supportportal.juniper.net/JSA103165"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Primary"
    }
  ]
}

ghsa-4gp9-mf5j-g6fq

Vulnerability from github

Published

2025-10-09 18:30

Modified

2025-10-09 18:30

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M

Details

When an affected system receives a specific BGP EVPN update message over an established BGP session, this causes an rpd crash and restart.

A BGP EVPN configuration is not necessary to be vulnerable. If peers are not configured to send BGP EVPN updates to a vulnerable device, then this issue can't occur.

This issue affects iBGP and eBGP, over IPv4 and IPv6.

This issue affects: Junos OS: * 23.4 versions from

23.4R2-S3 before 23.4R2-S5, * 24.2 versions from

24.2R2

before 24.2R2-S1, * 24.4 versions before 24.4R1-S3, 24.4R2;

Junos OS Evolved: * 23.4-EVO versions from 23.4R2-S2-EVO before 23.4R2-S5-EVO, * 24.2-EVO versions from 24.2R2-EVO before 24.2R2-S1-EVO, * 24.4-EVO versions before 24.4R1-S3-EVO, 24.4R2-EVO.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-60004"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-09T17:16:03Z",
    "severity": "HIGH"
  },
  "details": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-Of-Service (DoS).\n\nWhen an affected system receives a specific BGP EVPN update message over an established BGP session, this causes an rpd crash and restart.\n\nA BGP EVPN configuration is not necessary to be vulnerable. If peers are not configured to send BGP EVPN updates to a vulnerable device, then this issue can\u0027t occur.\n\nThis issue affects iBGP and eBGP, over IPv4 and IPv6.\n\n\nThis issue affects:\nJunos OS:\n  *  23.4 versions from \n\n23.4R2-S3 before\u00a023.4R2-S5,\n  *  24.2 versions from \n\n24.2R2 \n\nbefore 24.2R2-S1,\n  *  24.4 versions before 24.4R1-S3, 24.4R2;\n\n\n\nJunos OS Evolved:\n  *  23.4-EVO versions from 23.4R2-S2-EVO before 23.4R2-S5-EVO,\n  *  24.2-EVO versions from 24.2R2-EVO before 24.2R2-S1-EVO,\n  *  24.4-EVO versions before 24.4R1-S3-EVO, 24.4R2-EVO.",
  "id": "GHSA-4gp9-mf5j-g6fq",
  "modified": "2025-10-09T18:30:37Z",
  "published": "2025-10-09T18:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-60004"
    },
    {
      "type": "WEB",
      "url": "https://supportportal.juniper.net/JSA103165"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2025-60004 (GCVE-0-2025-60004)

Vulnerability from cvelistv5

CERTFR-2025-AVI-0855

Vulnerability from certfr_avis

Solutions

ncsc-2025-0305

Vulnerability from csaf_ncscnl

fkie_cve-2025-60004

Vulnerability from fkie_nvd

ghsa-4gp9-mf5j-g6fq

Vulnerability from github

Tags

Sightings

Nomenclature