Skip to main content

Juniper CVE-2025-21589

CRITICAL
Authentication Bypass Using an Alternate Path or Channel (CWE-288)
2026-01-27 sirt@juniper.net
9.3
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
9.3 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
CVSS changed
Apr 15, 2026 - 15:22 NVD
9.8 (CRITICAL) 9.3 (CRITICAL)
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
CVE Published
Jan 27, 2026 - 21:15 nvd
CRITICAL 9.8

DescriptionCVE.org

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allows a network-based attacker to bypass authentication and take administrative control of the device.

This issue affects Session Smart Router:

  • from 5.6.7 before 5.6.17,
  • from 6.0 before 6.0.8 (affected from 6.0.8),
  • from 6.1 before 6.1.12-lts,
  • from 6.2 before 6.2.8-lts,
  • from 6.3 before 6.3.3-r2;

This issue affects Session Smart Conductor:

  • from 5.6.7 before 5.6.17,
  • from 6.0 before 6.0.8 (affected from 6.0.8),
  • from 6.1 before 6.1.12-lts,
  • from 6.2 before 6.2.8-lts,
  • from 6.3 before 6.3.3-r2;

This issue affects WAN Assurance Managed Routers:

  • from 5.6.7 before 5.6.17,
  • from 6.0 before 6.0.8 (affected from 6.0.8),
  • from 6.1 before 6.1.12-lts,
  • from 6.2 before 6.2.8-lts,
  • from 6.3 before 6.3.3-r2.

AnalysisAI

Authentication bypass in Juniper Networks Session Smart Router and Conductor allows network-based attackers to gain administrative control without credentials. The vulnerability affects multiple versions of the routing platform used in enterprise SD-WAN deployments.

Technical ContextAI

CWE-288 vulnerability in Session Smart Router versions 5.6.7-6.3 and Session Smart Conductor. The alternate authentication channel bypasses the normal credential check for administrative access.

Affected ProductsAI

Juniper Session Smart Router 5.6.7-6.3 Juniper Session Smart Conductor

RemediationAI

Update to patched versions (5.6.17, 6.1.12-lts, 6.2.8-lts, 6.3.3-r2). Restrict management access to out-of-band networks.

CVE-2015-7755 CRITICAL POC
9.8 Dec 19

Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r

CVE-2025-21590 MEDIUM
6.7 Mar 12

A security vulnerability in An Improper (CVSS 6.7) that allows a local attacker with high privileges. Risk factors: acti

CVE-2023-36845 CRITICAL POC
9.8 Aug 17

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series all

CVE-2013-6618 CRITICAL POC
9.0 Nov 05

jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3,

CVE-2017-10622 CRITICAL
9.8 Oct 13

An authentication bypass vulnerability in Juniper Networks Junos Space Network Management Platform may allow a remote un

CVE-2018-20193 HIGH POC
8.8 Dec 21

Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by

CVE-2014-6380 HIGH POC
7.8 Oct 14

Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, 12.1X45 before D20, 12.1X46 before D15, 12.1X47 befor

CVE-2021-0253 HIGH POC
7.8 Apr 22

NFX Series devices using Juniper Networks Junos OS are susceptible to a local command execution vulnerability thereby al

CVE-2021-0252 HIGH POC
7.8 Apr 22

NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution vulnerability thereby allow

CVE-2019-0053 HIGH POC
7.8 Jul 11

Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffe

CVE-2023-22415 HIGH POC
7.5 Jan 13

An Out-of-Bounds Write vulnerability in the H.323 ALG of Juniper Networks Junos OS allows an unauthenticated, network-ba

CVE-2022-22223 HIGH POC
7.5 Oct 18

On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping (P

Share

CVE-2025-21589 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy