Vulnerability CVE-2024-2973


Published: 2024-06-27

Description:
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device.
Only routers or conductors that are running in high-availability redundant configurations are affected by this vulnerability.




No other Juniper Networks products or platforms are affected by this issue.





This issue affects:

Session Smart Router: 



* All versions before 5.6.15, 
* from 6.0 before 6.1.9-lts, 
* from 6.2 before 6.2.5-sts.



Session Smart Conductor: 



* All versions before 5.6.15, 
* from 6.0 before 6.1.9-lts, 
* from 6.2 before 6.2.5-sts. 



WAN Assurance Router: 



* 6.0 versions before 6.1.9-lts, 
* 6.2 versions before 6.2.5-sts.

 References:
https://supportportal.juniper.net/JSA83126
https://support.juniper.net/support/eol/software/ssr/

Copyright 2026, cxsecurity.com

 

Back to Top