Juniper Networks Session Smart Conductor vulnerabilities
2 known vulnerabilities affecting juniper_networks/session_smart_conductor.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2025-21589P2CRITICALCVSS 9.8≥ 5.6.7, < 5.6.17≥ 6.1, < 6.1.12-lts+2 more2026-01-27
CVE-2025-21589 [CRITICAL] CWE-288 CVE-2025-21589: An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Sessio
An Authentication Bypass Using an
Alternate Path or Channel vulnerability in Juniper Networks Session Smart
Router may allows a network-based attacker to bypass authentication
and take administrative control of the device.
This issue affects Session Smart Router:
* from 5.6.7 before 5.6.17,
* from 6.0 before 6.0.8 (affected from 6.0.8),
* from
nvd
CVE-2024-2973P2CRITICALCVSS 10.0fixed in 5.6.15≥ 6.0, < 6.1.9-lts+1 more2024-06-27
CVE-2024-2973 [CRITICAL] CWE-288 CVE-2024-2973: An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Sessio
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device.
Only routers or conductors that are running in high-availability redundant configurations are affec
nvd