CVE-2025-60004

🗓️ 09 Oct 2025 16:18:27Reported by juniperType

Unauthenticated attacker can crash rpd via a specific Ethernet VPN update on an established session, causing DoS.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2025-60004	8 Oct 202515:59	–	circl
CNNVD	Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 代码问题漏洞	9 Oct 202500:00	–	cnnvd
Cvelist	CVE-2025-60004 Junos OS and Junos OS Evolved: Specific BGP EVPN update message causes rpd crash	9 Oct 202516:18	–	cvelist
EUVD	EUVD-2025-33363	9 Oct 202518:30	–	euvd
Tenable Nessus	Juniper Junos OS Vulnerability (JSA103165)	8 Oct 202500:00	–	nessus
NCSC	Vulnerabilities fixed in Juniper Networks Junos OS	13 Oct 202507:17	–	ncsc
NVD	CVE-2025-60004	9 Oct 202517:16	–	nvd
OSV	CVE-2025-60004	9 Oct 202517:16	–	osv
Positive Technologies	PT-2025-41439	9 Oct 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-60004	10 Oct 202516:20	–	redhatcve

NVD

Vulners

Node

juniper junosMatch23.4r2-s3

juniper junosMatch23.4r2-s4

juniper junosMatch24.2r2

juniper junosMatch24.4-

juniper junosMatch24.4r1

juniper junosMatch24.4r1-s2

juniper junosMatch24.4r2

juniper junos_os_evolvedMatch23.4r2-s2

juniper junos_os_evolvedMatch23.4r2-s3

juniper junos_os_evolvedMatch23.4r2-s4

juniper junos_os_evolvedMatch24.2r2

juniper junos_os_evolvedMatch24.4-

juniper junos_os_evolvedMatch24.4r1

juniper junos_os_evolvedMatch24.4r1-s2

juniper junos_os_evolvedMatch24.4r2

[
  {
    "defaultStatus": "unaffected",
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "23.4R2-S5",
        "status": "affected",
        "version": "23.4R2-S3",
        "versionType": "semver"
      },
      {
        "lessThan": "24.2R2-S1",
        "status": "affected",
        "version": "24.2R2",
        "versionType": "semver"
      },
      {
        "lessThan": "24.4R1-S3, 24.4R2",
        "status": "affected",
        "version": "24.4R1",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Junos OS Evolved",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "23.4R2-S5-EVO",
        "status": "affected",
        "version": "23.4R2-S2-EVO",
        "versionType": "semver"
      },
      {
        "lessThan": "24.2R2-S1-EVO",
        "status": "affected",
        "version": "24.2R2-EVO",
        "versionType": "semver"
      },
      {
        "lessThan": "24.4R1-S3-EVO, 24.4R2-EVO",
        "status": "affected",
        "version": "24.4R1-EVO",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
supportportal	www.supportportal.juniper.net/JSA103165

17 Jun 2026 09:49Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.17.5

CVSS 48.7

EPSS0.00385

SSVC

CWE-754