CVE-2025-22235 – VMware Tanzu Spring Boot Vulnerability
April 29, 2025Multiple Google Chrome Vulnerabilities
April 29, 2025CVE-2025-22235 – VMware Tanzu Spring Boot Vulnerability
April 29, 2025Multiple Google Chrome Vulnerabilities
April 29, 2025Severity
Medium
Analysis Summary
CVE-2025-30657 CVSS:5.3
Juniper Networks Junos OS is vulnerable to a denial of service, caused by improper encoding or escaping of output in the Sampling Route Record Daemon (SRRD).
CVE-2025-30654 CVSS:5.5
Juniper Networks Junos OS and Junos OS Evolved could allow a local authenticated attacker to obtain sensitive information, caused by improper authorization validation in the User Interface (UI).
Impact
- Denial of Service
- Information Disclosure
Indicators of Compromise
CVE
CVE-2025-30657
CVE-2025-30654
Affected Vendors
Affected Products
- Juniper Networks Junos OS - 21.4 - 22.2 - 22.4 - 23.2 - 23.4
- Juniper Networks Junos OS - 22.2 - 22.4 - 23.2 - 23.4
- Juniper Networks Junos OS Evolved - 22.2-EVO - 22.4-EVO - 23.2-EVO - 23.4-EVO
Remediation
Upgrade to the latest version of Junos OS, available from the Juniper Networks Security Advisory.