Description
A UI Discrepancy for Security Feature vulnerability in the UI of Juniper Networks Junos OS on VM Host systems allows a network-based, unauthenticated attacker to access the device. On VM Host Routing Engines (RE), even if the configured public key for root has been removed, remote users which are in possession of the corresponding private key can still log in as root. This issue affects Junos OS: * all versions before 22.2R3-S7, * 22.4 versions before 22.4R3-S5, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S3, * 24.2 versions before 24.2R1-S2, 24.2R2.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
https://supportportal.juniper.net/JSA100089
Technical Description technical-description
https://www.juniper.net/documentation/us/en/software/junos/junos-install-upgrade/topics/topic-map/vm-host-overview.html#id-routing-engines-with-vm-host-support
Scores
CVSS v3
7.2
EPSS
0.0058
EPSS Percentile
69.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-446
Status
published
Products (6)
juniper/junos
22.2 (14 CPE variants)
juniper/junos
22.4 (12 CPE variants)
juniper/junos
23.2 (7 CPE variants)
juniper/junos
23.4 (7 CPE variants)
juniper/junos
24.2 (4 CPE variants)
juniper/junos
< 22.2
Published
Jul 11, 2025
Tracked Since
Feb 18, 2026