CNNVD-202510-1340 Information

CNNVD ID

CNNVD-202510-1340

Related CVE

CVE-2025-11198

• CNNVD Published: 2025-10-09

Description (Chinese)

Juniper Security Director Policy Enforcer是美国瞻博（Juniper）公司的一个实现安全策略的集中下发与威胁响应自动化的模块。 Juniper Security Director Policy Enforcer 23.1R1 Hotpatch v3之前版本存在访问控制错误漏洞，该漏洞源于缺少关键功能身份验证，可能导致未经身份验证的攻击者替换合法vSRX镜像。

Description (English)

Juniper Security Director Policy Enforcer is a module for centralizing security strategies and automating threat response. The previous version of Juniper Security Director Policy Enforcer 23.1R1 Hotpact v3 had access control error holes, which stemmed from the lack of critical functional identification, which could lead to the replacement of legitimate vSRX images by unidentified assailants.

Hazard Level

Medium

Vulnerability Type

访问控制错误

Affected Vendor

瞻博

Published

2025-10-09

Last Modified

2026-02-24

References

https://supportportal.juniper.net/JSA103437

Patch

https://supportportal.juniper.net/JSA103437