Skip to main content

Junos CVE-2025-52963

| EUVDEUVD-2025-21151 MEDIUM
Improper Access Control (CWE-284)
2025-07-11 sirt@juniper.net
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
Patch available
Apr 16, 2026 - 05:29 EUVD
23.4R2-S5,24.4R1-S3,21.2R3-S9
EUVD ID Assigned
Mar 16, 2026 - 08:18 euvd
EUVD-2025-21151
Analysis Generated
Mar 16, 2026 - 08:18 vuln.today
CVE Published
Jul 11, 2025 - 15:15 nvd
MEDIUM 5.5

DescriptionCVE.org

An Improper Access Control vulnerability in the User Interface (UI) of Juniper Networks Junos OS allows a local, low-privileged attacker to bring down an interface, leading to a Denial-of-Service.

Users with "view" permissions can run a specific request interface command which allows the user to shut down the interface. This issue affects Junos OS:

  • All versions before 21.2R3-S9,
  • from 21.4 before 21.4R3-S11,
  • from 22.2 before 22.2R3-S7,
  • from 22.4 before 22.4R3-S7,
  • from 23.2 before 23.2R2-S4,
  • from 23.4 before 23.4R2-S5,
  • from 24.2 before 24.2R2-S1,
  • from 24.4 before 24.4R1-S3, 24.4R2.

Analysis

An Improper Access Control vulnerability in the User Interface (UI) of Juniper Networks Junos OS allows a local, low-privileged attacker to bring down an interface, leading to a Denial-of-Service.

Users with "view" permissions can run a specific request interface command which allows the user to shut down the interface. This issue affects Junos OS:

  • All versions before 21.2R3-S9,
  • from 21.4 before 21.4R3-S11,
  • from 22.2 before 22.2R3-S7,
  • from 22.4 before 22.4R3-S7,
  • from 23.2 before 23.2R2-S4,
  • from 23.4 before 23.4R2-S5,
  • from 24.2 before 24.2R2-S1,
  • from 24.4 before 24.4R1-S3, 24.4R2.

Technical ContextAI

This vulnerability is classified as Improper Access Control (CWE-284).

RemediationAI

Monitor vendor advisories for patches. Apply mitigations such as network segmentation, access restrictions, and monitoring.

More in Junos

View all
CVE-2016-1285 MEDIUM
6.8 Mar 09

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fe

CVE-2016-1286 HIGH
8.6 Mar 09

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (

CVE-2023-36845 CRITICAL POC
9.8 Aug 17

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series all

CVE-2013-6618 CRITICAL POC
9.0 Nov 05

jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3,

CVE-2014-6380 HIGH POC
7.8 Oct 14

Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, 12.1X45 before D20, 12.1X46 before D15, 12.1X47 befor

CVE-2021-0253 HIGH POC
7.8 Apr 22

NFX Series devices using Juniper Networks Junos OS are susceptible to a local command execution vulnerability thereby al

CVE-2021-0252 HIGH POC
7.8 Apr 22

NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution vulnerability thereby allow

CVE-2019-0053 HIGH POC
7.8 Jul 11

Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffe

CVE-2023-22415 HIGH POC
7.5 Jan 13

An Out-of-Bounds Write vulnerability in the H.323 ALG of Juniper Networks Junos OS allows an unauthenticated, network-ba

CVE-2022-22223 HIGH POC
7.5 Oct 18

On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping (P

CVE-2022-22209 HIGH POC
7.5 Jul 20

A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an

CVE-2022-22188 HIGH POC
7.5 Apr 14

An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine

Share

CVE-2025-52963 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy