10 matches found
CVE-2025-21589 Session Smart Router, Session Smart Conductor, WAN Assurance Router: API Authentication Bypass vulnerability
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allows a network-based attacker to bypass authentication and take administrative control of the device. This issue affects Session Smart Router: from 5.6.7 before 5.6.17, from...
CVE-2025-21589
CVE-2025-21589 is an API authentication bypass vulnerability in Juniper Networks Session Smart Router, Session Smart Conductor, and WAN Assurance Routers. A network-based attacker could bypass authentication and gain administrative control. Affected versions include Session Smart Router: 5.6.7–5....
CVE-2025-21589 Session Smart Router, Session Smart Conductor, WAN Assurance Router: API Authentication Bypass vulnerability
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allows a network-based attacker to bypass authentication and take administrative control of the device. This issue affects Session Smart Router: from 5.6.7 before 5.6.17, from...
Several products of Juniper Networks have security vulnerabilities
Juniper Networks Session Smart Conductor is a product of the American company Juniper Networks. Juniper Networks Session Smart Conductor is a centralized management and control platform for wide-area network architectures. Juniper Networks Session Smart Router is a software-based intelligent...
Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication
Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices. Tracked as CVE-2025-21589 , the vulnerability carries a...
Juniper Networks Releases Critical Security Update for Routers
Juniper Networks has released out-of-band security updates to address a critical security flaw that could lead to an authentication bypass in some of its routers. The vulnerability, tracked as CVE-2024-2973, carries a CVSS score of 10.0, indicating maximum severity. "An Authentication Bypass Usin...
CVE-2024-2973
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running i...
CVE-2024-2973 Session Smart Router(SSR): On redundant router deployments API authentication can be bypassed
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running i...
CVE-2024-2973
CVE-2024-2973 affects Juniper Session Smart Router (SSR), Session Smart Conductor, and WAN Assurance Router when deployed in High-Availability redundant configurations. The vulnerability is an Authentication Bypass via an alternate path or channel that lets a network-based attacker bypass authent...
PT-2024-4369 · Unknown · Session Smart Conductor +2
Name of the Vulnerable Software and Affected Versions: Session Smart Router versions prior to 5.6.15 Session Smart Router versions 6.0 through 6.1.9-lts Session Smart Router versions 6.2 through 6.2.5-sts Session Smart Conductor versions prior to 5.6.15 Session Smart Conductor versions 6.0 throug...