Description
A Key Exchange without Entity Authentication vulnerability in the SSH implementation of Juniper Networks Apstra allows a unauthenticated, MITM attacker to impersonate managed devices. Due to insufficient SSH host key validation an attacker can perform a machine-in-the-middle attack on the SSH connections from Apstra to managed devices, enabling an attacker to impersonate a managed device and capture user credentials. This issue affects all versions of Apstra before 6.1.1.
INFO
Published Date :
2026-04-09T21:32:14.834Z
Last Modified :
2026-04-09T21:32:14.834Z
Source :
juniper
AFFECTED PRODUCTS
The following products are affected by CVE-2025-13914 vulnerability.
| Vendors | Products |
|---|---|
| Juniper Networks |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2025-13914.
| URL | Resource |
|---|---|
| https://kb.juniper.net/JSA107862 |
|
CVSS Vulnerability Scoring System
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact