{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-60010","assignerOrgId":"8cbe9d5a-a066-4c94-8978-4b15efeae968","state":"PUBLISHED","assignerShortName":"juniper","dateReserved":"2025-09-23T18:19:06.961Z","datePublished":"2025-10-09T16:20:28.121Z","dateUpdated":"2025-10-09T19:46:35.043Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Junos OS","vendor":"Juniper Networks","versions":[{"lessThan":"22.4R3-S8","status":"affected","version":"0","versionType":"semver"},{"lessThan":"23.2R2-S4","status":"affected","version":"23.2","versionType":"semver"},{"lessThan":"23.4R2-S5","status":"affected","version":"23.4","versionType":"semver"},{"lessThan":"24.2R2-S1","status":"affected","version":"24.2","versionType":"semver"},{"lessThan":"24.4R1-S3, 24.4R2","status":"affected","version":"24.4","versionType":"semver"}]},{"defaultStatus":"unaffected","product":"Junos OS Evolved","vendor":"Juniper Networks","versions":[{"lessThan":"22.4R3-S8-EVO","status":"affected","version":"0","versionType":"semver"},{"lessThan":"23.2R2-S4-EVO","status":"affected","version":"23.2","versionType":"semver"},{"lessThan":"23.4R2-S5-EVO","status":"affected","version":"23.4","versionType":"semver"},{"lessThan":"24.2R2-S1-EVO","status":"affected","version":"24.2","versionType":"semver"},{"lessThan":"24.4R1-S3-EVO, 24.4R2-EVO","status":"affected","version":"24.4","versionType":"semver"}]}],"configurations":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"This issue only affect systems where radius server is configured and refer to as follows:<br><br><tt>[ system radius-server &lt;IP address&gt; ... ]<br>[ system radius-options password-protocol mschap-v2 ]<br>[ system authentication-order ... radius ... ]</tt>"}],"value":"This issue only affect systems where radius server is configured and refer to as follows:\n\n[ system radius-server <IP address> ... ]\n[ system radius-options password-protocol mschap-v2 ]\n[ system authentication-order ... radius ... ]"}],"datePublic":"2025-10-08T16:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change.<br><br><p>Affected devices allow logins by users for whom the RADIUS server has responded with a reject and required the user to change the password as their password was expired. Therefore the policy mandating the password change is not enforced.<br>This does not allow users to login with a wrong password, but only with the correct but expired one.</p><p><br></p><p>This issue affects:</p><p>Junos OS:&nbsp;</p><p></p><ul><li>all versions before 22.4R3-S8,</li><li>23.2 versions before 23.2R2-S4,</li><li>23.4 versions before 23.4R2-S5,</li><li>24.2 versions before 24.2R2-S1,</li><li>24.4 versions before 24.4R1-S3, 24.4R2;</li></ul><p></p><p>Junos OS Evolved:</p><p></p><ul><li>all versions before 22.4R3-S8-EVO,</li><li>23.2 versions before 23.2R2-S4-EVO,</li><li>23.4 versions before 23.4R2-S5-EVO,</li><li>24.2 versions before 24.2R2-S1-EVO,</li><li>24.4 versions before 24.4R1-S3-EVO, 24.4R2-EVO.</li></ul><p></p><p><br></p>"}],"value":"A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change.\n\nAffected devices allow logins by users for whom the RADIUS server has responded with a reject and required the user to change the password as their password was expired. Therefore the policy mandating the password change is not enforced.\nThis does not allow users to login with a wrong password, but only with the correct but expired one.\n\n\n\n\nThis issue affects:\n\nJunos OS: \n\n\n\n  *  all versions before 22.4R3-S8,\n  *  23.2 versions before 23.2R2-S4,\n  *  23.4 versions before 23.4R2-S5,\n  *  24.2 versions before 24.2R2-S1,\n  *  24.4 versions before 24.4R1-S3, 24.4R2;\n\n\n\n\nJunos OS Evolved:\n\n\n\n  *  all versions before 22.4R3-S8-EVO,\n  *  23.2 versions before 23.2R2-S4-EVO,\n  *  23.4 versions before 23.4R2-S5-EVO,\n  *  24.2 versions before 24.2R2-S1-EVO,\n  *  24.4 versions before 24.4R1-S3-EVO, 24.4R2-EVO."}],"exploits":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}],"value":"Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":5.4,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]},{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":5.3,"baseSeverity":"MEDIUM","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/RE:M","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnerabilityResponseEffort":"MODERATE"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-262","description":"CWE-262 Not Using Password Aging","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"8cbe9d5a-a066-4c94-8978-4b15efeae968","shortName":"juniper","dateUpdated":"2025-10-09T16:20:28.121Z"},"references":[{"tags":["vendor-advisory"],"url":"https://supportportal.juniper.net/JSA103168"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"The following software releases have been updated to resolve this specific issue:<br>Junos OS Evolved: 22.4R3-S8-EVO, 23.2R2-S4-EVO, 23.4R2-S5-EVO, 24.2R2-S1-EVO, 24.4R1-S3-EVO, 24.4R2-EVO, 25.2R1-EVO,&nbsp;and all subsequent releases;<br>Junos OS: 22.4R3-S8, 23.2R2-S4, 23.4R2-S5, 24.2R2-S1, 24.4R1-S3, 24.4R2, 25.2R1, and all subsequent releases."}],"value":"The following software releases have been updated to resolve this specific issue:\nJunos OS Evolved: 22.4R3-S8-EVO, 23.2R2-S4-EVO, 23.4R2-S5-EVO, 24.2R2-S1-EVO, 24.4R1-S3-EVO, 24.4R2-EVO, 25.2R1-EVO, and all subsequent releases;\nJunos OS: 22.4R3-S8, 23.2R2-S4, 23.4R2-S5, 24.2R2-S1, 24.4R1-S3, 24.4R2, 25.2R1, and all subsequent releases."}],"source":{"advisory":"JSA103168","defect":["1862890"],"discovery":"USER"},"title":"Junos OS and Junos OS Evolved: Device allows login for user with expired password","workarounds":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"There are no known workarounds for this issue."}],"value":"There are no known workarounds for this issue."}],"x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-10-09T18:48:49.916110Z","id":"CVE-2025-60010","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-09T19:46:35.043Z"}}]}}