CVE-2025-60010

CWE-2624 documents4 sources
Severity
5.3MEDIUM
EPSS
0.0%
top 87.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Juniper Networks Junos OSJuniper Networks Junos OS EvolvedJuniper Junos+1 more
Timeline
PublishedOct 9

Description

A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change. Affected devices allow logins by users for whom the RADIUS server has responded with a reject and required the user to change the password as their password was expired. Therefore the policy mandating the password change is not enforced. This does not allow users to login with a

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages4 packages

CVEListV5juniper_networks/junos_os_evolved23.223.2R2-S4-EVO+4
CVEListV5juniper_networks/junos_os23.223.2R2-S4+4
NVDjuniper/junos< 22.4+5

🔴Vulnerability Details

2
GHSA
GHSA-7r8r-6vw9-6mf8: A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker2025-10-09
CVEList
Junos OS and Junos OS Evolved: Device allows login for user with expired password2025-10-09

📋Vendor Advisories

1
Juniper
CVE-2025-60010: A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker2025-10-09
CVE-2025-60010 (MEDIUM CVSS 5.3) | A password aging vulnerability in t | cvebase.io