Lucene search
K

10 matches found

Cvelist
Cvelist
added 2026/01/27 8:32 p.m.19 views

CVE-2025-21589 Session Smart Router, Session Smart Conductor, WAN Assurance Router: API Authentication Bypass vulnerability

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allows a network-based attacker to bypass authentication and take administrative control of the device. This issue affects Session Smart Router: from 5.6.7 before 5.6.17, from...

9.8CVSS0.01434EPSS
Exploits0References3
CVE
CVE
added 2026/01/27 8:32 p.m.40 views

CVE-2025-21589

CVE-2025-21589 is an API authentication bypass vulnerability in Juniper Networks Session Smart Router, Session Smart Conductor, and WAN Assurance Routers. A network-based attacker could bypass authentication and gain administrative control. Affected versions include Session Smart Router: 5.6.7–5....

9.8CVSS6.1AI score0.01434EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/27 8:32 p.m.4 views

CVE-2025-21589 Session Smart Router, Session Smart Conductor, WAN Assurance Router: API Authentication Bypass vulnerability

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allows a network-based attacker to bypass authentication and take administrative control of the device. This issue affects Session Smart Router: from 5.6.7 before 5.6.17, from...

9.8CVSS5.9AI score0.01434EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.5 views

Several products of Juniper Networks have security vulnerabilities

Juniper Networks Session Smart Conductor is a product of the American company Juniper Networks. Juniper Networks Session Smart Conductor is a centralized management and control platform for wide-area network architectures. Juniper Networks Session Smart Router is a software-based intelligent...

9.8CVSS7.5AI score0.01434EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2025/02/18 12:18 p.m.22 views

Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication

Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices. Tracked as CVE-2025-21589 , the vulnerability carries a...

7.8AI score0.01434EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/07/01 6:25 a.m.66 views

Juniper Networks Releases Critical Security Update for Routers

Juniper Networks has released out-of-band security updates to address a critical security flaw that could lead to an authentication bypass in some of its routers. The vulnerability, tracked as CVE-2024-2973, carries a CVSS score of 10.0, indicating maximum severity. "An Authentication Bypass Usin...

10CVSS8.4AI score0.17668EPSS
Exploits1
NVD
NVD
added 2024/06/27 9:15 p.m.68 views

CVE-2024-2973

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running i...

10CVSS0.01088EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/27 8:17 p.m.40 views

CVE-2024-2973 Session Smart Router(SSR): On redundant router deployments API authentication can be bypassed

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running i...

10CVSS7.4AI score0.01088EPSS
Exploits0References2
CVE
CVE
added 2024/06/27 8:17 p.m.109 views

CVE-2024-2973

CVE-2024-2973 affects Juniper Session Smart Router (SSR), Session Smart Conductor, and WAN Assurance Router when deployed in High-Availability redundant configurations. The vulnerability is an Authentication Bypass via an alternate path or channel that lets a network-based attacker bypass authent...

10CVSS9.8AI score0.01088EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/27 12:0 a.m.6 views

PT-2024-4369 · Unknown · Session Smart Conductor +2

Name of the Vulnerable Software and Affected Versions: Session Smart Router versions prior to 5.6.15 Session Smart Router versions 6.0 through 6.1.9-lts Session Smart Router versions 6.2 through 6.2.5-sts Session Smart Conductor versions prior to 5.6.15 Session Smart Conductor versions 6.0 throug...

10CVSS7.2AI score0.01088EPSS
Exploits0References12
Rows per page
Query Builder