CVE-2025-52983
7.2
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A UI Discrepancy for Security Feature
vulnerability in the UI of Juniper Networks Junos OS on VM Host systems allows a network-based, unauthenticated attacker to access the device.
On VM Host Routing Engines (RE), even if the configured public key for root has been removed, remote users which are in possession of the corresponding private key can still log in as root. This issue affects Junos OS:
- all versions before 22.2R3-S7,
- 22.4 versions before 22.4R3-S5,
- 23.2 versions before 23.2R2-S3,
- 23.4 versions before 23.4R2-S3,
- 24.2 versions before 24.2R1-S2, 24.2R2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | 0 < 22.2R3-S7 | affected |
| Juniper Networks | Junos OS | 22.4 < 22.4R3-S5 | affected |
| Juniper Networks | Junos OS | 23.2 < 23.2R2-S3 | affected |
| Juniper Networks | Junos OS | 23.4 < 23.4R2-S3 | affected |
| Juniper Networks | Junos OS | 24.2 < 24.2R1-S2, 24.2R2 | affected |
Weaknesses
- CWE-446: CWE-446 UI Discrepancy for Security Feature
Workarounds
To prevent this issue from being ocuring, public key authentication for root can be explicitly disabled with:
[
system root-authentication no-public-keys
]
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://supportportal.juniper.net/JSA100089
- https://www.juniper.net/documentation/us/en/software/junos/junos-install-upgrade/topics/topic-map/vm-host-overview.html#id-routing-engines-with-vm-host-support
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.