CVE-2025-52952

Опубликовано: 11 июл. 2025

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.

This issue affects Juniper Networks: Junos OS:

All versions before 22.2R3-S1,
from 22.4 before 22.4R2.

This feature is not enabled by default.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*

Версия до 22.2 (исключая)

cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*

cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*

Одно из

cpe:2.3:h:juniper:2x100ge_\+_4x10ge_mpc5e:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:2x100ge_\+_4x10ge_mpc5eq:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:2x100ge_\+_8x10ge_mpc4e:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:32x10ge_mpc4e:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:6x40ge_\+_24x10ge_mpc5e:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:6x40ge_\+_24x10ge_mpc5eq:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc1:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc1_q:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc1e:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc1e_q:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc2:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc2_eq:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc2_q:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc2e:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc2e_eq:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc2e_ng:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc2e_ng_q:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc2e_p:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc2e_q:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc3e:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc3e-3d-ng:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc3e-3d-ng-q:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc6e:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc7e-10g:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc7e-mrate:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc8e:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mpc9e:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*

cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*

EPSS

Процентиль: 11%

0.00036

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-787

Связанные уязвимости

GHSA-pwqr-fp7x-9xcp

CVSS3: 6.5

github

7 месяцев назад

An Out-of-bounds Write vulnerability in the connectivity fault management (CFM) daemon of Juniper Networks Junos OS on MX Series with MPC-BUILTIN, MPC1 through MPC9 line cards allows an unauthenticated adjacent attacker to send a malformed packet to the device, leading to an FPC crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions before 22.2R3-S1, * from 22.4 before 22.4R2. This feature is not enabled by default.

BDU:2025-08739

CVSS3: 6.5

fstec

7 месяцев назад

Уязвимость демона Connectivity Fault Management (CFM) операционных систем Juniper Networks Junos OS, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 11%

0.00036

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-787