Close Menu

    CVE-2025-6549 – Juniper Networks Junos OS SRX Series Incorrect Authorization Web Access Vulnerability

    CVE ID : CVE-2025-6549

    Published : July 11, 2025, 4:15 p.m. | 4 hours, 50 minutes ago

    Description : An Incorrect Authorization vulnerability in the web server of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to reach the

    Juniper Web Device Manager

    (J-Web).

    When Juniper Secure connect (JSC) is enabled on specific interfaces, or multiple interfaces are configured for J-Web, the J-Web UI is reachable over more than the intended interfaces.
    This issue affects Junos OS:

    * all versions before 21.4R3-S9,
    * 22.2 versions before 22.2R3-S5,
    * 22.4 versions before 22.4R3-S5,
    * 23.2 versions before 23.2R2-S3,
    * 23.4 versions before 23.4R2-S5,
    * 24.2 versions before 24.2R2.

    Severity: 6.5 | MEDIUM

    Visit the link for more details, such as CVSS details, affected products, timeline, and more…

    Source: Read More

    Related Posts

    Leave A Reply

    For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.