CVE-2025-30653

09.04.2025, 20:15

An Expired Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS).On all Junos OS and Junos OS Evolved platforms, when an MPLS Label-Switched Path (LSP) is configured with node-link-protection and transport-class, and an LSP flaps, rpd crashes and restarts. Continuous flapping of LSP can cause a sustained Denial of Service (DoS) condition.

This issue affects:

Junos OS:



  *  All versions before 22.2R3-S4,

  *  22.4 versions before 22.4R3-S2,

  *  23.2 versions before 23.2R2,

  *  23.4 versions before 23.4R2.





Junos OS Evolved:



  *  All versions before 22.2R3-S4-EVO,

  *  22.4-EVO versions before 22.4R3-S2-EVO,

  *  23.2-EVO versions before 23.2R2-EVO,

  *  23.4-EVO versions before 23.4R2-EVO.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.5 MEDIUM	ADJACENT_NETWORK	LOW	NONE	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
juniper	CNA	6.5 MEDIUM	ADJACENT_NETWORK	LOW	NONE	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 3%

Common Weakness Enumeration

CWE-825 - Expired Pointer Dereference
The program dereferences a pointer that contains a location for memory that was previously valid, but is no longer valid.

References

https://supportportal.juniper.net/JSA96463