{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-30655", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2025-03-24T19:34:11.322Z", "datePublished": "2025-04-09T20:01:15.300Z", "dateUpdated": "2025-04-09T20:35:13.421Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "21.2R3-S9", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "21.4R3-S8", "status": "affected", "version": "21.4", "versionType": "semver"}, {"lessThan": "22.2R3-S6", "status": "affected", "version": "22.2", "versionType": "semver"}, {"lessThan": "22.4R3-S2", "status": "affected", "version": "22.4", "versionType": "semver"}, {"lessThan": "23.2R2-S3", "status": "affected", "version": "23.2", "versionType": "semver"}, {"lessThan": "23.4R2", "status": "affected", "version": "23.4", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [{"lessThan": "21.2R3-S9-EVO", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "21.4R3-S8-EVO", "status": "affected", "version": "21.4-EVO", "versionType": "semver"}, {"lessThan": "22.2R3-S6-EVO", "status": "affected", "version": "22.2-EVO", "versionType": "semver"}, {"lessThan": "22.4R3-S2-EVO", "status": "affected", "version": "22.4-EVO", "versionType": "semver"}, {"lessThan": "23.2R2-S3-EVO", "status": "affected", "version": "23.2-EVO", "versionType": "semver"}, {"lessThan": "23.4R2-EVO", "status": "affected", "version": "23.4-EVO", "versionType": "semver"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The following configuration is required on the device for it to be affected:<br><tt>[ system processes routing bgp rib-sharding ]<br>[ system processes routing bgp <span style=\"background-color: rgb(255, 255, 255);\">update-threading</span> ]</tt>"}], "value": "The following configuration is required on the device for it to be affected:\n[ system processes routing bgp rib-sharding ]\n[ system processes routing bgp update-threading ]"}], "datePublic": "2025-04-09T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).<br><br>When a specific \"<span style=\"background-color: rgb(255, 255, 255);\">show bgp neighbor\"</span> <span style=\"background-color: rgb(255, 255, 255);\">CLI command&nbsp;</span>is run, the rpd cpu utilization rises and eventually causes a crash and restart. Repeated use of this command will cause a sustained DoS condition.&nbsp;<br><br>The device is only affected if BGP RIB sharding and update-threading is enabled.<br><p>This issue affects Junos OS:&nbsp;</p><p></p><ul><li>All versions before 21.2R3-S9,&nbsp;</li><li>from 21.4 before 21.4R3-S8,</li><li>from 22.2 before 22.2R3-S6,&nbsp;</li><li>from 22.4 before 22.4R3-S2,&nbsp;</li><li>from 23.2 before 23.2R2-S3,&nbsp;</li><li>from 23.4 before 23.4R2.</li></ul><p>and Junos OS Evolved:&nbsp;</p><p></p><ul><li>All versions before 21.2R3-S9-EVO,&nbsp;</li><li>from 21.4-EVO before 21.4R3-S8-EVO,&nbsp;</li><li>from 22.2-EVO before 22.2R3-S6-EVO,&nbsp;</li><li>from 22.4-EVO before 22.4R3-S2-EVO,&nbsp;</li><li>from 23.2-EVO before 23.2R2-S3-EVO,&nbsp;</li><li>from 23.4-EVO before 23.4R2-EVO.</li></ul><p></p>"}], "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).\n\nWhen a specific \"show bgp neighbor\" CLI command\u00a0is run, the rpd cpu utilization rises and eventually causes a crash and restart. Repeated use of this command will cause a sustained DoS condition.\u00a0\n\nThe device is only affected if BGP RIB sharding and update-threading is enabled.\nThis issue affects Junos OS:\u00a0\n\n\n\n * All versions before 21.2R3-S9,\u00a0\n * from 21.4 before 21.4R3-S8,\n * from 22.2 before 22.2R3-S6,\u00a0\n * from 22.4 before 22.4R3-S2,\u00a0\n * from 23.2 before 23.2R2-S3,\u00a0\n * from 23.4 before 23.4R2.\n\n\nand Junos OS Evolved:\u00a0\n\n\n\n * All versions before 21.2R3-S9-EVO,\u00a0\n * from 21.4-EVO before 21.4R3-S8-EVO,\u00a0\n * from 22.2-EVO before 22.2R3-S6-EVO,\u00a0\n * from 22.4-EVO before 22.4R3-S2-EVO,\u00a0\n * from 23.2-EVO before 23.2R2-S3-EVO,\u00a0\n * from 23.4-EVO before 23.4R2-EVO."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.8, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2025-04-09T20:01:15.300Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://supportportal.juniper.net/JSA96465"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The following software releases have been updated to resolve this specific issue: <br>Junos OS Evolved: 21.2R3-S9-EVO, 21.4R3-S8-EVO,&nbsp;22.2R3-S6-EVO, 22.4R3-S2-EVO, 23.2R2-S3-EVO, 23.4R2-EVO, 24.2R1-EVO.<br>Junos OS: 21.2R3-S9, 21.4R3-S8,&nbsp;22.2R3-S6, 22.4R3-S2, 23.2R2-S3, 23.4R2, 24.2R1, and all subsequent releases."}], "value": "The following software releases have been updated to resolve this specific issue: \nJunos OS Evolved: 21.2R3-S9-EVO, 21.4R3-S8-EVO,\u00a022.2R3-S6-EVO, 22.4R3-S2-EVO, 23.2R2-S3-EVO, 23.4R2-EVO, 24.2R1-EVO.\nJunos OS: 21.2R3-S9, 21.4R3-S8,\u00a022.2R3-S6, 22.4R3-S2, 23.2R2-S3, 23.4R2, 24.2R1, and all subsequent releases."}], "source": {"advisory": "JSA96465", "defect": ["1797777"], "discovery": "INTERNAL"}, "timeline": [{"lang": "en", "time": "2025-04-09T16:00:00.000Z", "value": "Initial Publication"}], "title": "Junos OS and Junos OS Evolved: A specific CLI command will cause an RPD crash when rib-sharding and update-threading is enabled", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There are no known workarounds for this issue.<br>Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.<br>"}], "value": "There are no known workarounds for this issue.\nUse access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-09T20:30:14.651561Z", "id": "CVE-2025-30655", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-09T20:35:13.421Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-30655", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-09T20:30:14.651561Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-09T20:30:21.444Z"}}], "cna": {"title": "Junos OS and Junos OS Evolved: A specific CLI command will cause an RPD crash when rib-sharding and update-threading is enabled", "source": {"defect": ["1797777"], "advisory": "JSA96465", "discovery": "INTERNAL"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.8, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Juniper Networks", "product": "Junos OS", "versions": [{"status": "affected", "version": "0", "lessThan": "21.2R3-S9", "versionType": "semver"}, {"status": "affected", "version": "21.4", "lessThan": "21.4R3-S8", "versionType": "semver"}, {"status": "affected", "version": "22.2", "lessThan": "22.2R3-S6", "versionType": "semver"}, {"status": "affected", "version": "22.4", "lessThan": "22.4R3-S2", "versionType": "semver"}, {"status": "affected", "version": "23.2", "lessThan": "23.2R2-S3", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Juniper Networks", "product": "Junos OS Evolved", "versions": [{"status": "affected", "version": "0", "lessThan": "21.2R3-S9-EVO", "versionType": "semver"}, {"status": "affected", "version": "21.4-EVO", "lessThan": "21.4R3-S8-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.2-EVO", "lessThan": "22.2R3-S6-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.4-EVO", "lessThan": "22.4R3-S2-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.2-EVO", "lessThan": "23.2R2-S3-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.4-EVO", "lessThan": "23.4R2-EVO", "versionType": "semver"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "supportingMedia": [{"type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "base64": false}]}], "timeline": [{"lang": "en", "time": "2025-04-09T16:00:00.000Z", "value": "Initial Publication"}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: \nJunos OS Evolved: 21.2R3-S9-EVO, 21.4R3-S8-EVO,\u00a022.2R3-S6-EVO, 22.4R3-S2-EVO, 23.2R2-S3-EVO, 23.4R2-EVO, 24.2R1-EVO.\nJunos OS: 21.2R3-S9, 21.4R3-S8,\u00a022.2R3-S6, 22.4R3-S2, 23.2R2-S3, 23.4R2, 24.2R1, and all subsequent releases.", "supportingMedia": [{"type": "text/html", "value": "The following software releases have been updated to resolve this specific issue: <br>Junos OS Evolved: 21.2R3-S9-EVO, 21.4R3-S8-EVO,&nbsp;22.2R3-S6-EVO, 22.4R3-S2-EVO, 23.2R2-S3-EVO, 23.4R2-EVO, 24.2R1-EVO.<br>Junos OS: 21.2R3-S9, 21.4R3-S8,&nbsp;22.2R3-S6, 22.4R3-S2, 23.2R2-S3, 23.4R2, 24.2R1, and all subsequent releases.", "base64": false}]}], "datePublic": "2025-04-09T16:00:00.000Z", "references": [{"url": "https://supportportal.juniper.net/JSA96465", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "en", "value": "There are no known workarounds for this issue.\nUse access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.", "supportingMedia": [{"type": "text/html", "value": "There are no known workarounds for this issue.<br>Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.<br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).\n\nWhen a specific \"show bgp neighbor\" CLI command\u00a0is run, the rpd cpu utilization rises and eventually causes a crash and restart. Repeated use of this command will cause a sustained DoS condition.\u00a0\n\nThe device is only affected if BGP RIB sharding and update-threading is enabled.\nThis issue affects Junos OS:\u00a0\n\n\n\n * All versions before 21.2R3-S9,\u00a0\n * from 21.4 before 21.4R3-S8,\n * from 22.2 before 22.2R3-S6,\u00a0\n * from 22.4 before 22.4R3-S2,\u00a0\n * from 23.2 before 23.2R2-S3,\u00a0\n * from 23.4 before 23.4R2.\n\n\nand Junos OS Evolved:\u00a0\n\n\n\n * All versions before 21.2R3-S9-EVO,\u00a0\n * from 21.4-EVO before 21.4R3-S8-EVO,\u00a0\n * from 22.2-EVO before 22.2R3-S6-EVO,\u00a0\n * from 22.4-EVO before 22.4R3-S2-EVO,\u00a0\n * from 23.2-EVO before 23.2R2-S3-EVO,\u00a0\n * from 23.4-EVO before 23.4R2-EVO.", "supportingMedia": [{"type": "text/html", "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).<br><br>When a specific \"<span style=\"background-color: rgb(255, 255, 255);\">show bgp neighbor\"</span> <span style=\"background-color: rgb(255, 255, 255);\">CLI command&nbsp;</span>is run, the rpd cpu utilization rises and eventually causes a crash and restart. Repeated use of this command will cause a sustained DoS condition.&nbsp;<br><br>The device is only affected if BGP RIB sharding and update-threading is enabled.<br><p>This issue affects Junos OS:&nbsp;</p><p></p><ul><li>All versions before 21.2R3-S9,&nbsp;</li><li>from 21.4 before 21.4R3-S8,</li><li>from 22.2 before 22.2R3-S6,&nbsp;</li><li>from 22.4 before 22.4R3-S2,&nbsp;</li><li>from 23.2 before 23.2R2-S3,&nbsp;</li><li>from 23.4 before 23.4R2.</li></ul><p>and Junos OS Evolved:&nbsp;</p><p></p><ul><li>All versions before 21.2R3-S9-EVO,&nbsp;</li><li>from 21.4-EVO before 21.4R3-S8-EVO,&nbsp;</li><li>from 22.2-EVO before 22.2R3-S6-EVO,&nbsp;</li><li>from 22.4-EVO before 22.4R3-S2-EVO,&nbsp;</li><li>from 23.2-EVO before 23.2R2-S3-EVO,&nbsp;</li><li>from 23.4-EVO before 23.4R2-EVO.</li></ul><p></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-754", "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions"}]}], "configurations": [{"lang": "en", "value": "The following configuration is required on the device for it to be affected:\n[ system processes routing bgp rib-sharding ]\n[ system processes routing bgp update-threading ]", "supportingMedia": [{"type": "text/html", "value": "The following configuration is required on the device for it to be affected:<br><tt>[ system processes routing bgp rib-sharding ]<br>[ system processes routing bgp <span style=\"background-color: rgb(255, 255, 255);\">update-threading</span> ]</tt>", "base64": false}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2025-04-09T20:01:15.300Z"}}}, "cveMetadata": {"cveId": "CVE-2025-30655", "state": "PUBLISHED", "dateUpdated": "2025-04-09T20:35:13.421Z", "dateReserved": "2025-03-24T19:34:11.322Z", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "datePublished": "2025-04-09T20:01:15.300Z", "assignerShortName": "juniper"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).\n\nWhen a specific \"show bgp neighbor\" CLI command\u00a0is run, the rpd cpu utilization rises and eventually causes a crash and restart. Repeated use of this command will cause a sustained DoS condition.\u00a0\n\nThe device is only affected if BGP RIB sharding and update-threading is enabled.\nThis issue affects Junos OS:\u00a0\n\n\n\n * All versions before 21.2R3-S9,\u00a0\n * from 21.4 before 21.4R3-S8,\n * from 22.2 before 22.2R3-S6,\u00a0\n * from 22.4 before 22.4R3-S2,\u00a0\n * from 23.2 before 23.2R2-S3,\u00a0\n * from 23.4 before 23.4R2.\n\n\nand Junos OS Evolved:\u00a0\n\n\n\n * All versions before 21.2R3-S9-EVO,\u00a0\n * from 21.4-EVO before 21.4R3-S8-EVO,\u00a0\n * from 22.2-EVO before 22.2R3-S6-EVO,\u00a0\n * from 22.4-EVO before 22.4R3-S2-EVO,\u00a0\n * from 23.2-EVO before 23.2R2-S3-EVO,\u00a0\n * from 23.4-EVO before 23.4R2-EVO."}, {"lang": "es", "value": "Una vulnerabilidad de Comprobaci\u00f3n Incorrecta de Condiciones Inusuales o Excepcionales en el Daemon del Protocolo de Enrutamiento (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite a un atacante local con privilegios bajos provocar una denegaci\u00f3n de servicio (DoS). Al ejecutar el comando CLI \"show bgp neighbor\", la utilizaci\u00f3n de la CPU del rpd aumenta, lo que finalmente provoca un bloqueo y reinicio. El uso repetido de este comando provocar\u00e1 una condici\u00f3n de DoS sostenida. El dispositivo solo se ve afectado si la fragmentaci\u00f3n BGP RIB y los subprocesos de actualizaci\u00f3n est\u00e1n habilitados. Este problema afecta a Junos OS: * Todas las versiones anteriores a 21.2R3-S9, * desde 21.4 hasta 21.4R3-S8, * desde 22.2 hasta 22.2R3-S6, * desde 22.4 hasta 22.4R3-S2, * desde 23.2 hasta 23.2R2-S3, * desde 23.4 hasta 23.4R2. y Junos OS Evolved: * Todas las versiones anteriores a 21.2R3-S9-EVO, * desde 21.4-EVO hasta 21.4R3-S8-EVO, * desde 22.2-EVO hasta 22.2R3-S6-EVO, * desde 22.4-EVO hasta 22.4R3-S2-EVO, * desde 23.2-EVO hasta 23.2R2-S3-EVO, * desde 23.4-EVO hasta 23.4R2-EVO."}], "id": "CVE-2025-30655", "lastModified": "2025-04-11T15:40:10.277", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "sirt@juniper.net", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2025-04-09T20:15:29.417", "references": [{"source": "sirt@juniper.net", "url": "https://supportportal.juniper.net/JSA96465"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-754"}], "source": "sirt@juniper.net", "type": "Primary"}]}

{}