CVE-2025-52963
published 2025-07-11CVE-2025-52963: An Improper Access Control vulnerability in the User Interface (UI) of Juniper Networks Junos OS allows a local, low-privileged attacker to bring down an…
medium6.8CVSS 4.0
AVLACLATNPRLUINVCNVINVAHSCNSINSALEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRUVXREMUX
An Improper Access Control vulnerability in the User Interface (UI) of Juniper Networks Junos OS allows a local, low-privileged attacker to bring down an interface, leading to a Denial-of-Service. Users with "view" permissions can run a specific request interface command which allows the user to shut down the interface. This issue affects Junos OS: * All versions before 21.2R3-S9, * from 21.4 before 21.4R3-S11, * from 22.2 before 22.2R3-S7, * from 22.4 before 22.4R3-S7, * from 23.2 before 23.2R2-S4, * from 23.4 before 23.4R2-S5, * from 24.2 before 24.2R2-S1, * from 24.4 before 24.4R1-S3, 24.4R2.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | junos | < 21.2 | 21.2 |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos_os | — | — |
| juniper_networks | junos_os | < 21.2R3-S9 | 21.2R3-S9 |
| juniper_networks | junos_os | >= 21.4 < 21.4R3-S11 | 21.4R3-S11 |
| juniper_networks | junos_os | >= 22.2 < 22.2R3-S7 | 22.2R3-S7 |
| juniper_networks | junos_os | >= 22.4 < 22.4R3-S7 | 22.4R3-S7 |
| juniper_networks | junos_os | >= 23.2 < 23.2R2-S4 | 23.2R2-S4 |
| juniper_networks | junos_os | >= 23.4 < 23.4R2-S5 | 23.4R2-S5 |
| juniper_networks | junos_os | >= 24.2 < 24.2R2-S1 | 24.2R2-S1 |
| juniper_networks | junos_os | >= 24.4 < 24.4R1-S3, 24.4R2 | 24.4R1-S3, 24.4R2 |