Skip to main content

Junos CVE-2025-30655

MEDIUM
Improper Check for Unusual or Exceptional Conditions (CWE-754)
2025-04-09 sirt@juniper.net
Denial Of Service Juniper Junos Junos Os Evolved
6.8
CVSS 4.0
Share

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Mar 28, 2026 - 18:36 vuln.today
CVE Published
Apr 09, 2025 - 20:15 nvd
MEDIUM 6.8

DescriptionNVD

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).

When a specific "show bgp neighbor" CLI command is run, the rpd cpu utilization rises and eventually causes a crash and restart. Repeated use of this command will cause a sustained DoS condition.

The device is only affected if BGP RIB sharding and update-threading is enabled. This issue affects Junos OS:

  • All versions before 21.2R3-S9,
  • from 21.4 before 21.4R3-S8,
  • from 22.2 before 22.2R3-S6,
  • from 22.4 before 22.4R3-S2,
  • from 23.2 before 23.2R2-S3,
  • from 23.4 before 23.4R2.

and Junos OS Evolved:

  • All versions before 21.2R3-S9-EVO,
  • from 21.4-EVO before 21.4R3-S8-EVO,
  • from 22.2-EVO before 22.2R3-S6-EVO,
  • from 22.4-EVO before 22.4R3-S2-EVO,
  • from 23.2-EVO before 23.2R2-S3-EVO,
  • from 23.4-EVO before 23.4R2-EVO.

AnalysisAI

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-754. An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific "show bgp neighbor" CLI command is run, the rpd cpu utilization rises and eventually causes a crash and restart. Repeated use of this command will cause a sustained DoS condition. The device is only affected if BGP RIB sharding and update-threading is enabled.2R3-S9, * from 21.4 before 21.4R3-S8, * from 22.2 before 22.2R3-S6, * from 22.4 before 22.4R3-S2, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2. and Junos OS Evolved: * All versions before 21.2R3-S9-EVO, * from 21.4-EVO before 21.4R3-S8-EVO, * from 22.2-EVO before 22.2R3-S6-EVO, * from 22.4-EVO before 22.4R3-S2-EVO, * from 23.2-EVO before 23.2R2-S3-EVO, * from 23.4-EVO before 23.4R2-EVO. Affected products include: Juniper Junos, Juniper Junos Os Evolved. Version information: before 21.2.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More from same product – last 7 days

CVE-2026-48687 CRITICAL
9.8 May 26

OS command injection in FastNetMon Community Edition (through 1.2.9) lets attacker-controlled input reach an unescaped e

Share

CVE-2025-30655 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy