CVE-2025-52958

Опубликовано: 11 июл. 2025

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

Continued session establishment failures leads to a sustained DoS condition.

This issue affects Junos OS:

All versions before 22.2R3-S6,
from 22.4 before 22.4R3-S6,
from 23.2 before 23.2R2-S3,
from 23.4 before 23.4R2-S4,
from 24.2 before 24.2R2;

Junos OS Evolved:

All versions before 22.2R3-S6-EVO,
from 22.4 before 22.4R3-S6-EVO,
from 23.2 before 23.2R2-S3-EVO,
from 23.4 before 23.4R2-S4-EVO,
from 24.2 before 24.2R2-EVO.

Ссылки

https://supportportal.juniper.net/JSA100066

EPSS

Процентиль: 3%

0.00019

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-617

Связанные уязвимости

GHSA-5694-q557-w4rg

CVSS3: 5.3

github

около 2 месяцев назад

A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition during BGP initial session establishment can lead to an rpd crash and restart. This occurs specifically when the connection request fails during error-handling scenario. Continued session establishment failures leads to a sustained DoS condition. This issue affects Junos OS: * All versions before 22.2R3-S6, * from 22.4 before 22.4R3-S6, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2-S4, * from 24.2 before 24.2R2; Junos OS Evolved: * All versions before 22.2R3-S6-EVO, * from 22.4 before 22.4R3-S6-EVO, * from 23.2 before 23.2R2-S3-EVO, * from 23.4 before 23.4R2-S4-EVO, * from 24.2 before 24.2R2-EVO.

BDU:2025-08751

CVSS3: 5.3

fstec

около 2 месяцев назад

Уязвимость демона Routing Protocol Daemon (RPD) операционных систем Juniper Networks Junos OS и Junos OS Evolved, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 3%

0.00019

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-617