{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T20:37:52.989","vulnerabilities":[{"cve":{"id":"CVE-2025-21601","sourceIdentifier":"sirt@juniper.net","published":"2025-04-09T20:15:26.350","lastModified":"2025-08-11T15:03:15.180","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An Improper Following of Specification by Caller vulnerability in web management (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) of Juniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allows an unauthenticated, network-based attacker, sending genuine traffic targeted to the device to cause the CPU to climb until the device becomes unresponsive. \n\nContinuous receipt of these packets will create a sustained Denial of Service (DoS) condition.\n\n\n\n\nThis issue affects Junos OS: \n\n\n\n  *  All versions before 21.4R3-S9,\n  *  from 22.2 before 22.2R3-S5,\n  *  from 22.4 before 22.4R3-S4,\n  *  from 23.2 before 23.2R2-S3,\n  *  from 23.4 before 23.4R2-S3,\n  *  from 24.2 before 24.2R1-S1, 24.2R2.\n\n\nAn indicator of compromise is to review the CPU % of the httpd process in the CLI:\ne.g.\n  show system processes extensive | match httpd  PID nobody       52    0    20M    191M select   2   0:01   80.00% httpd{httpd} <<<<< the percentage of httpd usage if high may be an indicator"},{"lang":"es","value":"Una vulnerabilidad de seguimiento incorrecto de la especificación por parte del llamador en la administración web (J-Web, Captive Portal, 802.1X, Juniper Secure Connect (JSC) de Juniper Networks Junos OS en SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series) permite que un atacante no autenticado basado en la red envíe tráfico genuino dirigido al dispositivo para hacer que la CPU aumente su capacidad hasta que el dispositivo deje de responder. La recepción continua de estos paquetes creará una condición sostenida de denegación de servicio (DoS).\n\nEste problema afecta a Junos OS:\n * Todas las versiones anteriores a 21.4R3-S9,\n * desde 22.2 hasta 22.2R3-S5,\n * desde 22.4 hasta 22.4R3-S4,\n * desde 23.2 hasta 23.2R2-S3,\n * desde 23.4 hasta 23.4R2-S3,\n * desde 24.2 Antes de 24.2R1-S1, 24.2R2.\n\nUn indicador de vulnerabilidad es revisar el porcentaje de CPU del proceso httpd en la CLI: p. ej.,\n\"show system processes extensive | match httpd PID nobody 52 0 20M 191M select 2 0:01 80.00% httpd{httpd} &lt;&lt;&lt;&lt;&lt; un indicador puede ser un elevado uso por parte de httpd\".\n"}],"metrics":{"cvssMetricV40":[{"source":"sirt@juniper.net","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:Amber","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"AUTOMATIC","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"sirt@juniper.net","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-573"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*","versionEndIncluding":"21.4","matchCriteriaId":"4F114437-8479-455F-93C6-2211A8C754A5"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*","matchCriteriaId":"4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*","matchCriteriaId":"9962B01C-C57C-4359-9532-676AB81CE8B0"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*","matchCriteriaId":"62178549-B679-4902-BFDB-2993803B7FCE"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*","matchCriteriaId":"9AD697DF-9738-4276-94ED-7B9380CD09F5"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*","matchCriteriaId":"09FF5818-0803-4646-A386-D7C645EE58A3"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*","matchCriteriaId":"2229FA59-EB24-49A2-85CE-F529A8DE6BA7"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*","matchCriteriaId":"0CB280D8-C5D8-4B51-A879-496ACCDE4538"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*","matchCriteriaId":"5F3F54F1-75B3-400D-A735-2C27C8CEBE79"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*","matchCriteriaId":"476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*","matchCriteriaId":"0A5B196A-2AF1-4AE5-9148-A75A572807BC"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*","matchCriteriaId":"3B457616-2D91-4913-9A7D-038BBF8F1F66"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*","matchCriteriaId":"C470FB4E-A927-4AF3-ACB0-AD1E264218B7"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:21.4:r3-s6:*:*:*:*:*:*","matchCriteriaId":"44E98BC3-1D43-481A-AB09-FFA502C36AAF"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:21.4:r3-s7:*:*:*:*:*:*","matchCriteriaId":"1A0DA88F-6C61-4FEA-ABF3-99F7DD43DB0B"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:21.4:r3-s8:*:*:*:*:*:*","matchCriteriaId":"25B4FC60-140D-49EF-8011-A5888D8493B0"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*","matchCriteriaId":"06156CD6-09D3-4A05-9C5E-BC64A70640F9"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*","matchCriteriaId":"E949B21B-AD62-4022-9088-06313277479E"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*","matchCriteriaId":"8D862E6F-0D01-4B25-8340-888C30F75A2F"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*","matchCriteriaId":"2F28F73E-8563-41B9-A313-BBAAD5B57A67"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*","matchCriteriaId":"E37D4694-C80B-475E-AB5B-BB431F59C5E1"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*","matchCriteriaId":"5EC0D2D2-4922-4675-8A2C-57A08D7BE334"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*","matchCriteriaId":"9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*","matchCriteriaId":"591AA3E6-62A2-4A1A-A04C-E808F71D8B6E"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*","matchCriteriaId":"786F993E-32CB-492A-A7CC-A7E4F48EA8B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*","matchCriteriaId":"60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.2:r3-s3:*:*:*:*:*:*","matchCriteriaId":"BC449CC7-B2D6-41CB-8D6C-81DE89E79520"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.2:r3-s4:*:*:*:*:*:*","matchCriteriaId":"05E47861-3311-45E2-A722-8CD7FFDC2DFD"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*","matchCriteriaId":"1379EF30-AF04-4F98-8328-52A631F24737"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*","matchCriteriaId":"28E42A41-7965-456B-B0AF-9D3229CE4D4C"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*","matchCriteriaId":"CB1A77D6-D3AD-481B-979C-8F778530B175"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*","matchCriteriaId":"3A064B6B-A99B-4D8D-A62D-B00C7870BC30"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*","matchCriteriaId":"40813417-A938-4F74-A419-8C5188A35486"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*","matchCriteriaId":"7FC1BA1A-DF0E-4B15-86BA-24C60E546732"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*","matchCriteriaId":"EBB967BF-3495-476D-839A-9DBFCBE69F91"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*","matchCriteriaId":"7E5688D6-DCA4-4550-9CD1-A3D792252129"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*","matchCriteriaId":"8494546C-00EA-49B6-B6FA-FDE42CA5B1FA"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*","matchCriteriaId":"8BB98579-FA33-4E41-A162-A46E9709FBD3"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:22.4:r3-s3:*:*:*:*:*:*","matchCriteriaId":"08E2562F-FB18-4347-8497-7D61B8157EBB"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*","matchCriteriaId":"1A78CC80-E8B1-4CDA-BB35-A61833657FA7"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*","matchCriteriaId":"4B3B2FE1-C228-46BE-AC76-70C2687050AE"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*","matchCriteriaId":"F1B16FF0-900F-4AEE-B670-A537139F6909"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*","matchCriteriaId":"B227E831-30FF-4BE1-B8B2-31829A5610A6"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*","matchCriteriaId":"1ADA814B-EF98-45B1-AF7A-0C89688F7CA5"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:23.2:r2-s1:*:*:*:*:*:*","matchCriteriaId":"A6FB32DF-D062-4FB9-8777-452978BEC7B7"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:23.2:r2-s2:*:*:*:*:*:*","matchCriteriaId":"B3B6C811-5C10-4486-849D-5559B592350A"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*","matchCriteriaId":"78481ABC-3620-410D-BC78-334657E0BB75"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*","matchCriteriaId":"BE8A5BA3-87BD-473A-B229-2AAB2C797005"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*","matchCriteriaId":"8B74AC3E-8FC9-400A-A176-4F7F21F10756"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*","matchCriteriaId":"CB2D1FCE-8019-4CE1-BA45-D62F91AF7B51"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:23.4:r2:*:*:*:*:*:*","matchCriteriaId":"175CCB13-76C0-44A4-A71D-41E22B92EB23"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:23.4:r2-s1:*:*:*:*:*:*","matchCriteriaId":"166BFDB3-1945-4949-BC2B-E18442FF2E4D"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:23.4:r2-s2:*:*:*:*:*:*","matchCriteriaId":"5923610F-878C-48CA-8B5D-9C609E4DD4DB"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*","matchCriteriaId":"89524D6D-0B22-4952-AD8E-8072C5A05D5C"},{"vulnerable":true,"criteria":"cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*","matchCriteriaId":"AD69A194-1B03-44EA-8092-79BD10C6F729"}]}]}],"references":[{"url":"https://supportportal.juniper.net/JSA96452","source":"sirt@juniper.net","tags":["Vendor Advisory"]}]}}]}