CVE-2025-21589

Summary

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allows a network-based attacker to bypass authentication and take administrative control of the device.

This issue affects Session Smart Router: 

  • from 5.6.7 before 5.6.17, 

  • from 6.0 before 6.0.8 (affected from 6.0.8),

  • from 6.1 before 6.1.12-lts, 

  • from 6.2 before 6.2.8-lts, 

  • from 6.3 before 6.3.3-r2; 

This issue affects Session Smart Conductor: 

  • from 5.6.7 before 5.6.17, 

  • from 6.0 before 6.0.8 (affected from 6.0.8),

  • from 6.1 before 6.1.12-lts, 

  • from 6.2 before 6.2.8-lts, 

  • from 6.3 before 6.3.3-r2; 

This issue affects WAN Assurance Managed Routers: 

  • from 5.6.7 before 5.6.17, 

  • from 6.0 before 6.0.8 (affected from 6.0.8),

  • from 6.1 before 6.1.12-lts, 

  • from 6.2 before 6.2.8-lts, 

  • from 6.3 before 6.3.3-r2.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksSession Smart Router5.6.7 < 5.6.17affected
Juniper NetworksSession Smart Router6.0 < 6.0.8unaffected
Juniper NetworksSession Smart Router6.1 < 6.1.12-ltsaffected
Juniper NetworksSession Smart Router6.2 < 6.2.8-ltsaffected
Juniper NetworksSession Smart Router6.3 < 6.3.3-r2affected
Juniper NetworksSession Smart Conductor5.6.7 < 5.6.17affected
Juniper NetworksSession Smart Conductor6.0 < 6.0.8unaffected
Juniper NetworksSession Smart Conductor6.1 < 6.1.12-ltsaffected
Juniper NetworksSession Smart Conductor6.2 < 6.2.8-ltsaffected
Juniper NetworksSession Smart Conductor6.3 < 6.3.3-r2affected
Juniper NetworksWAN Assurance Managed Router5.6.7 < 5.6.17affected
Juniper NetworksWAN Assurance Managed Router6.0 < 6.0.8unaffected
Juniper NetworksWAN Assurance Managed Router6.1 < 6.1.12-ltsaffected
Juniper NetworksWAN Assurance Managed Router6.2 < 6.2.8-ltsaffected
Juniper NetworksWAN Assurance Managed Router6.3 < 6.3.3-r2affected

Weaknesses

  • CWE-288: CWE-288 Authentication Bypass Using an Alternate Path or Channel

Workarounds

There are no known workarounds for this issue.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References