{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-30657", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2025-03-24T19:34:11.322Z", "datePublished": "2025-04-09T20:02:21.815Z", "dateUpdated": "2025-04-09T20:32:08.395Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "21.2R3-S9", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "21.4R3-S10", "status": "affected", "version": "21.4", "versionType": "semver"}, {"lessThan": "22.2R3-S6", "status": "affected", "version": "22.2", "versionType": "semver"}, {"lessThan": "22.4R3", "status": "affected", "version": "22.4", "versionType": "semver"}, {"lessThan": "23.2R1-S2, 23.2R2", "status": "affected", "version": "23.2", "versionType": "semver"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "For a system to be exposed to this issue flow-monitoring needs to be configured:<br><br><tt><span style=\"background-color: rgb(255, 255, 255);\">[ services flow-monitoring (version-ipfix|version9) ]</span></tt>"}], "value": "For a system to be exposed to this issue flow-monitoring needs to be configured:\n\n[ services flow-monitoring (version-ipfix|version9) ]"}], "datePublic": "2025-04-09T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (<span style=\"background-color: rgb(255, 255, 255);\">SRRD</span>) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).<br><br>When a device configured for flow-monitoring receives a specific BGP update message, it is correctly processed internally by the routing protocol daemon (rpd), but when it's sent to SRRD it's encoded incorrectly which leads to a crash and momentary interruption of jflow processing until it automatically restarts. This issue does not affect traffic forwarding itself.<br><p>This issue affects Junos OS:&nbsp;</p><p></p><ul><li>All versions before 21.2R3-S9,</li><li>21.4 versions before 21.4R3-S10,</li><li>22.2 versions before 22.2R3-S6,</li><li>22.4 versions before 22.4R3,</li><li>23.2 versions before 23.2R1-S2, 23.2R2.</li></ul><br>This issue does not affected Junos OS Evolved.<p></p>"}], "value": "An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\n\nWhen a device configured for flow-monitoring receives a specific BGP update message, it is correctly processed internally by the routing protocol daemon (rpd), but when it's sent to SRRD it's encoded incorrectly which leads to a crash and momentary interruption of jflow processing until it automatically restarts. This issue does not affect traffic forwarding itself.\nThis issue affects Junos OS:\u00a0\n\n\n\n * All versions before 21.2R3-S9,\n * 21.4 versions before 21.4R3-S10,\n * 22.2 versions before 22.2R3-S6,\n * 22.4 versions before 22.4R3,\n * 23.2 versions before 23.2R1-S2, 23.2R2.\n\n\n\nThis issue does not affected Junos OS Evolved."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "YES", "Recovery": "AUTOMATIC", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.9, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/AU:Y/R:A/RE:M", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-116", "description": "CWE-116 Improper Encoding or Escaping of Output", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2025-04-09T20:02:21.815Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://supportportal.juniper.net/JSA96467"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3, 23.2R1-S2, 23.2R2, 23.4R1, and all subsequent releases."}], "value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3, 23.2R1-S2, 23.2R2, 23.4R1, and all subsequent releases."}], "source": {"advisory": "JSA96467", "defect": ["1744804"], "discovery": "INTERNAL"}, "timeline": [{"lang": "en", "time": "2025-04-09T16:00:00.000Z", "value": "Initial Publication"}], "title": "Junos OS: Processing of a specific BGP update causes the SRRD process to crash", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There are no known workarounds for this issue."}], "value": "There are no known workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-09T20:31:55.715760Z", "id": "CVE-2025-30657", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-09T20:32:08.395Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-30657", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-09T20:31:55.715760Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-09T20:32:02.020Z"}}], "cna": {"title": "Junos OS: Processing of a specific BGP update causes the SRRD process to crash", "source": {"defect": ["1744804"], "advisory": "JSA96467", "discovery": "INTERNAL"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "AUTOMATIC", "baseScore": 6.9, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/AU:Y/R:A/RE:M", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Juniper Networks", "product": "Junos OS", "versions": [{"status": "affected", "version": "0", "lessThan": "21.2R3-S9", "versionType": "semver"}, {"status": "affected", "version": "21.4", "lessThan": "21.4R3-S10", "versionType": "semver"}, {"status": "affected", "version": "22.2", "lessThan": "22.2R3-S6", "versionType": "semver"}, {"status": "affected", "version": "22.4", "lessThan": "22.4R3", "versionType": "semver"}, {"status": "affected", "version": "23.2", "lessThan": "23.2R1-S2, 23.2R2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "supportingMedia": [{"type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "base64": false}]}], "timeline": [{"lang": "en", "time": "2025-04-09T16:00:00.000Z", "value": "Initial Publication"}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3, 23.2R1-S2, 23.2R2, 23.4R1, and all subsequent releases.", "supportingMedia": [{"type": "text/html", "value": "The following software releases have been updated to resolve this specific issue: 21.2R3-S9, 21.4R3-S10, 22.2R3-S6, 22.4R3, 23.2R1-S2, 23.2R2, 23.4R1, and all subsequent releases.", "base64": false}]}], "datePublic": "2025-04-09T16:00:00.000Z", "references": [{"url": "https://supportportal.juniper.net/JSA96467", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "en", "value": "There are no known workarounds for this issue.", "supportingMedia": [{"type": "text/html", "value": "There are no known workarounds for this issue.", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\n\nWhen a device configured for flow-monitoring receives a specific BGP update message, it is correctly processed internally by the routing protocol daemon (rpd), but when it's sent to SRRD it's encoded incorrectly which leads to a crash and momentary interruption of jflow processing until it automatically restarts. This issue does not affect traffic forwarding itself.\nThis issue affects Junos OS:\u00a0\n\n\n\n * All versions before 21.2R3-S9,\n * 21.4 versions before 21.4R3-S10,\n * 22.2 versions before 22.2R3-S6,\n * 22.4 versions before 22.4R3,\n * 23.2 versions before 23.2R1-S2, 23.2R2.\n\n\n\nThis issue does not affected Junos OS Evolved.", "supportingMedia": [{"type": "text/html", "value": "An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (<span style=\"background-color: rgb(255, 255, 255);\">SRRD</span>) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).<br><br>When a device configured for flow-monitoring receives a specific BGP update message, it is correctly processed internally by the routing protocol daemon (rpd), but when it's sent to SRRD it's encoded incorrectly which leads to a crash and momentary interruption of jflow processing until it automatically restarts. This issue does not affect traffic forwarding itself.<br><p>This issue affects Junos OS:&nbsp;</p><p></p><ul><li>All versions before 21.2R3-S9,</li><li>21.4 versions before 21.4R3-S10,</li><li>22.2 versions before 22.2R3-S6,</li><li>22.4 versions before 22.4R3,</li><li>23.2 versions before 23.2R1-S2, 23.2R2.</li></ul><br>This issue does not affected Junos OS Evolved.<p></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-116", "description": "CWE-116 Improper Encoding or Escaping of Output"}]}], "configurations": [{"lang": "en", "value": "For a system to be exposed to this issue flow-monitoring needs to be configured:\n\n[ services flow-monitoring (version-ipfix|version9) ]", "supportingMedia": [{"type": "text/html", "value": "For a system to be exposed to this issue flow-monitoring needs to be configured:<br><br><tt><span style=\"background-color: rgb(255, 255, 255);\">[ services flow-monitoring (version-ipfix|version9) ]</span></tt>", "base64": false}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2025-04-09T20:02:21.815Z"}}}, "cveMetadata": {"cveId": "CVE-2025-30657", "state": "PUBLISHED", "dateUpdated": "2025-04-09T20:32:08.395Z", "dateReserved": "2025-03-24T19:34:11.322Z", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "datePublished": "2025-04-09T20:02:21.815Z", "assignerShortName": "juniper"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).\n\nWhen a device configured for flow-monitoring receives a specific BGP update message, it is correctly processed internally by the routing protocol daemon (rpd), but when it's sent to SRRD it's encoded incorrectly which leads to a crash and momentary interruption of jflow processing until it automatically restarts. This issue does not affect traffic forwarding itself.\nThis issue affects Junos OS:\u00a0\n\n\n\n * All versions before 21.2R3-S9,\n * 21.4 versions before 21.4R3-S10,\n * 22.2 versions before 22.2R3-S6,\n * 22.4 versions before 22.4R3,\n * 23.2 versions before 23.2R1-S2, 23.2R2.\n\n\n\nThis issue does not affected Junos OS Evolved."}, {"lang": "es", "value": "Una vulnerabilidad de codificaci\u00f3n o escape incorrectos de salida en el demonio de registro de rutas de muestreo (SRRD) de Juniper Networks Junos OS permite a un atacante no autenticado basado en la red provocar una denegaci\u00f3n de servicio (DoS). Cuando un dispositivo configurado para la monitorizaci\u00f3n de flujo recibe un mensaje de actualizaci\u00f3n BGP espec\u00edfico, el demonio de protocolo de enrutamiento (RPD) lo procesa correctamente internamente, pero al enviarlo a SRRD, se codifica incorrectamente, lo que provoca un bloqueo y una interrupci\u00f3n moment\u00e1nea del procesamiento de jflow hasta que se reinicia autom\u00e1ticamente. Este problema no afecta al reenv\u00edo de tr\u00e1fico. Este problema afecta a Junos OS: * Todas las versiones anteriores a 21.2R3-S9, * Versiones 21.4 anteriores a 21.4R3-S10, * Versiones 22.2 anteriores a 22.2R3-S6, * Versiones 22.4 anteriores a 22.4R3, * Versiones 23.2 anteriores a 23.2R1-S2 y 23.2R2. Este problema no afecta a Junos OS Evolved."}], "id": "CVE-2025-30657", "lastModified": "2025-04-11T15:40:10.277", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "sirt@juniper.net", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "YES", "Recovery": "AUTOMATIC", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2025-04-09T20:15:29.763", "references": [{"source": "sirt@juniper.net", "url": "https://supportportal.juniper.net/JSA96467"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-116"}], "source": "sirt@juniper.net", "type": "Primary"}]}

{}