VDB
CVE-2025-21589
CVE-2025-21589
PUBLISHED
Der Session Smart Router von Juniper ist eine Software-Defined Wide Area Network (SD-WAN)-Lösung, die eine tunnelfreie Architektur nutzt.
EPSS 0.04% · 12.8th percentile
Risk Scores
EPSS Score
0.04%
12.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Juniper Session Smart Router <5.6.17 | |
| Juniper | Juniper Session Smart Router <6.1.12-lts | |
| Juniper | Juniper Session Smart Router <6.2.8-lts | |
| Juniper | Juniper Session Smart Router <6.3.3-r2 |
Timeline
- Feb 11, 2025 PoC Published
- Feb 12, 2025 CVE Published
- Feb 18, 2025 PoC Published
- Feb 18, 2025 PoC Published
- Feb 18, 2025 PoC Published
- Feb 18, 2025 PoC Published
- Feb 18, 2025 PoC Published
- Feb 18, 2025 PoC Published
- Feb 18, 2025 PoC Published
- Feb 19, 2025 PoC Published
- Feb 19, 2025 PoC Published
- Feb 19, 2025 PoC Published
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0393.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0393 advisory
- https://supportportal.juniper.net/s/article/2025-02-Out-of-Cycle-Security-Bulletin-Session-Smart-Router-Session-Smart-Conductor-WAN-Assurance-Router-API-Authentication-Bypass-Vulnerability-CVE-2025-21589 advisory