{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Session Smart Conductor versions 6.2.x ant\u00e9rieures \u00e0 6.2.8-lts","product":{"name":"Session Smart Conductor","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Session Smart Router versions 6.3.x ant\u00e9rieures \u00e0 6.3.3-r2","product":{"name":"Session Smart Router","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"WAN Assurance Managed Routers versions 6.2.x ant\u00e9rieures \u00e0 6.2.8-lts","product":{"name":"WAN Assurance Managed Routers","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Session Smart Router versions 6.x ant\u00e9rieures \u00e0 6.1.12-lts","product":{"name":"Session Smart Router","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"WAN Assurance Managed Routers versions 6.x ant\u00e9rieures \u00e0 6.1.12-lts","product":{"name":"WAN Assurance Managed Routers","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Session Smart Router versions 5.6.x ant\u00e9rieures \u00e0 5.6.17","product":{"name":"Session Smart Router","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Session Smart Conductor versions 5.6.x ant\u00e9rieures \u00e0 5.6.17","product":{"name":"Session Smart Conductor","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Session Smart Conductor versions 6.x ant\u00e9rieures \u00e0 6.1.12-lts","product":{"name":"Session Smart Conductor","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Session Smart Conductor versions 6.3.x ant\u00e9rieures \u00e0 6.3.3-r2","product":{"name":"Session Smart Conductor","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"WAN Assurance Managed Routers versions 6.3.x ant\u00e9rieures \u00e0 6.3.3-r2","product":{"name":"WAN Assurance Managed Routers","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"WAN Assurance Managed Routers versions 5.6.x ant\u00e9rieures \u00e0 5.6.17","product":{"name":"WAN Assurance Managed Routers","vendor":{"name":"Juniper Networks","scada":false}}},{"description":"Session Smart Router versions 6.2.x ant\u00e9rieures \u00e0 6.2.8-lts","product":{"name":"Session Smart Router","vendor":{"name":"Juniper Networks","scada":false}}}],"affected_systems_content":"","content":"## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des correctifs (cf. section Documentation).","cves":[{"name":"CVE-2025-21589","url":"https://www.cve.org/CVERecord?id=CVE-2025-21589"}],"links":[],"reference":"CERTFR-2025-AVI-0126","revisions":[{"description":"Version initiale","revision_date":"2025-02-12T00:00:00.000000"}],"risks":[{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Juniper Networks. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.","title":"Vuln\u00e9rabilit\u00e9 dans les produits Juniper Networks","vendor_advisories":[{"published_at":"2025-02-11","title":"Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA94663","url":"https://supportportal.juniper.net/s/article/2025-02-Out-of-Cycle-Security-Bulletin-Session-Smart-Router-Session-Smart-Conductor-WAN-Assurance-Router-API-Authentication-Bypass-Vulnerability-CVE-2025-21589"}]}