Juniper
CVE-2025-21589
CRITICAL
Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allows a network-based attacker to bypass authentication and take administrative control of the device.
This issue affects Session Smart Router:
- from 5.6.7 before 5.6.17,
- from 6.0 before 6.0.8 (affected from 6.0.8),
- from 6.1 before 6.1.12-lts,
- from 6.2 before 6.2.8-lts,
- from 6.3 before 6.3.3-r2;
This issue affects Session Smart Conductor:
- from 5.6.7 before 5.6.17,
- from 6.0 before 6.0.8 (affected from 6.0.8),
- from 6.1 before 6.1.12-lts,
- from 6.2 before 6.2.8-lts,
- from 6.3 before 6.3.3-r2;
This issue affects WAN Assurance Managed Routers:
- from 5.6.7 before 5.6.17,
- from 6.0 before 6.0.8 (affected from 6.0.8),
- from 6.1 before 6.1.12-lts,
- from 6.2 before 6.2.8-lts,
- from 6.3 before 6.3.3-r2.
AnalysisAI
Authentication bypass in Juniper Networks Session Smart Router and Conductor allows network-based attackers to gain administrative control without credentials. The vulnerability affects multiple versions of the routing platform used in enterprise SD-WAN deployments.
Technical ContextAI
CWE-288 vulnerability in Session Smart Router versions 5.6.7-6.3 and Session Smart Conductor. The alternate authentication channel bypasses the normal credential check for administrative access.
Affected ProductsAI
Juniper Session Smart Router 5.6.7-6.3 Juniper Session Smart Conductor
RemediationAI
Update to patched versions (5.6.17, 6.1.12-lts, 6.2.8-lts, 6.3.3-r2). Restrict management access to out-of-band networks.
Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r
A security vulnerability in An Improper (CVSS 6.7) that allows a local attacker with high privileges. Risk factors: acti
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series all
jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3,
An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote un
Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by
Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, 12.1X45 before D20, 12.1X46 before D15, 12.1X47 befor
NFX Series devices using Juniper Networks Junos OS are susceptible to a local command execution vulnerability thereby al
NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution vulnerability thereby allow
Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffe
An Out-of-Bounds Write vulnerability in the H.323 ALG of Juniper Networks Junos OS allows an unauthenticated, network-ba
On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping (P
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today