5.3
CVE-2025-60010 - Junos OS and Junos OS Evolved: Device allows login for user with expired password
A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change. Affected devices allow logins by users for whom the RADIUS server has respondedβ¦
5.1
CVE-2025-60009 - Junos Space: CLI Configlet page is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the CLI Configlet page that, when visited by another user, enables the attacker to execute commands with the target'sβ¦
4.8
CVE-2025-60006 - Junos OS Evolved: OS command injection vulnerabilities fixed
Multiple instances of an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the CLI of Juniper Networks Junos OS Evolved could be used to elevate privileges and/or execute unauthorized commands. When an attacker executes crafted CLI commanβ¦
8.7
CVE-2025-60004 - Junos OS and Junos OS Evolved: Specific BGP EVPN update message causes rpd crash
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-Of-Service (DoS). When an affected system receives a specific BGP EVPN upβ¦
5.1
CVE-2025-60002 - Junos Space: Template Definitions page is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Template Definitions page that, when visited by another user, enables the attacker to execute commands with the targeβ¦
5.1
CVE-2025-60001 - Junos Space: Create Quick Template page is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Generate Report page that, when visited by another user, enables the attacker to execute commands with the target's pβ¦
5.1
CVE-2025-60000 - Junos Space: Generate Report page is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Generate Report page that, when visited by another user, enables the attacker to execute commands with the target's pβ¦
5.1
CVE-2025-59999 - Junos Space: API Access Profiles page is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the API Access Profiles page that, when visited by another user, enables the attacker to execute commands with the targetβ¦
5.1
CVE-2025-59998 - Junos Space: Archive Logs screen is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Archive Log screen that, when visited by another user, enables the attacker to execute commands with the target's perβ¦
5.1
CVE-2025-59997 - Junos Space: Fields in the CLI Configlets are vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the CLI Configlets pages that, when visited by another user, enable the attacker to execute commands with the target's peβ¦