{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-60004","assignerOrgId":"8cbe9d5a-a066-4c94-8978-4b15efeae968","state":"PUBLISHED","assignerShortName":"juniper","dateReserved":"2025-09-23T18:19:06.960Z","datePublished":"2025-10-09T16:18:27.118Z","dateUpdated":"2025-10-09T19:46:51.236Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Junos OS","vendor":"Juniper Networks","versions":[{"lessThan":"23.4R2-S5","status":"affected","version":"23.4R2-S3","versionType":"semver"},{"lessThan":"24.2R2-S1","status":"affected","version":"24.2R2","versionType":"semver"},{"lessThan":"24.4R1-S3, 24.4R2","status":"affected","version":"24.4R1","versionType":"semver"}]},{"defaultStatus":"unaffected","product":"Junos OS Evolved","vendor":"Juniper Networks","versions":[{"lessThan":"23.4R2-S5-EVO","status":"affected","version":"23.4R2-S2-EVO","versionType":"semver"},{"lessThan":"24.2R2-S1-EVO","status":"affected","version":"24.2R2-EVO","versionType":"semver"},{"lessThan":"24.4R1-S3-EVO, 24.4R2-EVO","status":"affected","version":"24.4R1-EVO","versionType":"semver"}]}],"configurations":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"To be exposed to this issue a BGP peering needs to be configured via:<br><br><tt>[ protocols bgp ... neighbor ... ]</tt>"}],"value":"To be exposed to this issue a BGP peering needs to be configured via:\n\n[ protocols bgp ... neighbor ... ]"}],"datePublic":"2025-10-08T16:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-Of-Service (DoS).<br><br>When an affected system receives a specific BGP EVPN update message over an established BGP session, this causes an rpd crash and restart.<br><br>A BGP EVPN configuration is not necessary to be vulnerable. If peers are not configured to send BGP EVPN updates to a vulnerable device, then this issue can't occur.<br>\nThis issue affects iBGP and eBGP, over IPv4 and IPv6.<br><br>\nThis issue affects:<br>Junos OS:<br><ul><li>23.4 versions from \n\n23.4R2-S3 before&nbsp;23.4R2-S5,</li><li>24.2 versions from \n\n24.2R2 \n\nbefore 24.2R2-S1,</li><li>24.4 versions before 24.4R1-S3, 24.4R2;</li></ul><br>Junos OS Evolved:<br><ul><li>23.4-EVO versions from 23.4R2-S2-EVO before 23.4R2-S5-EVO,</li><li>24.2-EVO versions from 24.2R2-EVO before 24.2R2-S1-EVO,</li><li>24.4-EVO versions before 24.4R1-S3-EVO, 24.4R2-EVO.\n</li></ul>"}],"value":"An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-Of-Service (DoS).\n\nWhen an affected system receives a specific BGP EVPN update message over an established BGP session, this causes an rpd crash and restart.\n\nA BGP EVPN configuration is not necessary to be vulnerable. If peers are not configured to send BGP EVPN updates to a vulnerable device, then this issue can't occur.\n\nThis issue affects iBGP and eBGP, over IPv4 and IPv6.\n\n\nThis issue affects:\nJunos OS:\n  *  23.4 versions from \n\n23.4R2-S3 before 23.4R2-S5,\n  *  24.2 versions from \n\n24.2R2 \n\nbefore 24.2R2-S1,\n  *  24.4 versions before 24.4R1-S3, 24.4R2;\n\n\n\nJunos OS Evolved:\n  *  23.4-EVO versions from 23.4R2-S2-EVO before 23.4R2-S5-EVO,\n  *  24.2-EVO versions from 24.2R2-EVO before 24.2R2-S1-EVO,\n  *  24.4-EVO versions before 24.4R1-S3-EVO, 24.4R2-EVO."}],"exploits":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}],"value":"Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]},{"cvssV4_0":{"Automatable":"YES","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":8.7,"baseSeverity":"HIGH","privilegesRequired":"NONE","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"MODERATE"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-754","description":"CWE-754 Improper Check for Unusual or Exceptional Conditions","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"8cbe9d5a-a066-4c94-8978-4b15efeae968","shortName":"juniper","dateUpdated":"2025-10-09T16:18:27.118Z"},"references":[{"tags":["vendor-advisory"],"url":"https://supportportal.juniper.net/JSA103165"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"The following software releases have been updated to resolve this specific issue:<br>Junos OS Evolved: 23.4R2-S5-EVO, 24.2R2-S1-EVO, 24.4R1-S3-EVO, 24.4R2-EVO, 25.2R1-EVO,&nbsp;and all subsequent releases;<br>Junos OS: 23.4R2-S5, 24.2R2-S1, 24.4R1-S3, 24.4R2, 25.2R1, and all subsequent releases."}],"value":"The following software releases have been updated to resolve this specific issue:\nJunos OS Evolved: 23.4R2-S5-EVO, 24.2R2-S1-EVO, 24.4R1-S3-EVO, 24.4R2-EVO, 25.2R1-EVO, and all subsequent releases;\nJunos OS: 23.4R2-S5, 24.2R2-S1, 24.4R1-S3, 24.4R2, 25.2R1, and all subsequent releases."}],"source":{"advisory":"JSA103165","defect":["1860302"],"discovery":"INTERNAL"},"title":"Junos OS and Junos OS Evolved: Specific BGP EVPN update message causes rpd crash","workarounds":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"There are no known workarounds for this issue."}],"value":"There are no known workarounds for this issue."}],"x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-10-09T18:47:25.363001Z","id":"CVE-2025-60004","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-09T19:46:51.236Z"}}]}}