Vulnerability Details CVE-2025-11198
A Missing Authentication for Critical Function vulnerability in Juniper Networks Security Director Policy Enforcer allows an unauthenticated, network-based attacker to replace legitimate vSRX images with malicious ones.
If a trusted user initiates deployment, Security Director Policy Enforcer will deliver the attacker's uploaded image to VMware NSX instead of a legitimate one.
This issue affects Security Director Policy Enforcer:
* All versions before 23.1R1 Hotpatch v3.
This issue does not affect Junos Space Security Director Insights.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.8%
CVSS Severity
CVSS v3 Score 7.4
References
Products affected by CVE-2025-11198
-
cpe:2.3:a:juniper:security_director_policy_enforcer:17.1
-
cpe:2.3:a:juniper:security_director_policy_enforcer:17.2
-
cpe:2.3:a:juniper:security_director_policy_enforcer:18.1
-
cpe:2.3:a:juniper:security_director_policy_enforcer:18.2
-
cpe:2.3:a:juniper:security_director_policy_enforcer:19.4
-
cpe:2.3:a:juniper:security_director_policy_enforcer:20.3
-
cpe:2.3:a:juniper:security_director_policy_enforcer:21.1
-
cpe:2.3:a:juniper:security_director_policy_enforcer:21.2
-
cpe:2.3:a:juniper:security_director_policy_enforcer:21.3
-
cpe:2.3:a:juniper:security_director_policy_enforcer:22.1
-
cpe:2.3:a:juniper:security_director_policy_enforcer:22.2
-
cpe:2.3:a:juniper:security_director_policy_enforcer:22.3
-
cpe:2.3:a:juniper:security_director_policy_enforcer:23.1