Skip to main content

CWE-446

UI Discrepancy for Security Feature

2 CVEs Avg CVSS 6.2 MITRE
0
CRITICAL
1
HIGH
1
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2025-52983 HIGH PATCH This Week

CVE-2025-52983 is a critical authentication bypass vulnerability in Juniper Networks Junos OS on VM Host Routing Engines where public keys configured for root access are not properly validated, allowing users possessing the corresponding private key to gain unauthorized root-level access even after the public key has been administratively removed from the system. This network-accessible vulnerability affects multiple Junos OS release branches and requires high privileges to configure but enables complete system compromise once exploited. While the CVSS score of 7.2 reflects significant impact, the practical risk depends on KEV designation and active exploitation status.

Juniper Authentication Bypass Privilege Escalation Junos
NVD
CVSS 3.1
7.2
EPSS
0.2%
CVE-2023-1768 MEDIUM PATCH This Month

Inappropriate error handling in Tribe29 Checkmk <= 2.1.0p25, <= 2.0.0p34, <= 2.2.0b3 (beta), and all versions of Checkmk 1.6.0 causes the symmetric encryption of agent data to fail silently and. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Checkmk
NVD
CVSS 3.1
5.3
EPSS
0.9%
EPSS 0% CVSS 7.2
HIGH PATCH This Week

CVE-2025-52983 is a critical authentication bypass vulnerability in Juniper Networks Junos OS on VM Host Routing Engines where public keys configured for root access are not properly validated, allowing users possessing the corresponding private key to gain unauthorized root-level access even after the public key has been administratively removed from the system. This network-accessible vulnerability affects multiple Junos OS release branches and requires high privileges to configure but enables complete system compromise once exploited. While the CVSS score of 7.2 reflects significant impact, the practical risk depends on KEV designation and active exploitation status.

Juniper Authentication Bypass Privilege Escalation +1
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Inappropriate error handling in Tribe29 Checkmk <= 2.1.0p25, <= 2.0.0p34, <= 2.2.0b3 (beta), and all versions of Checkmk 1.6.0 causes the symmetric encryption of agent data to fail silently and. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Checkmk
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy