Security Director Policy Enforcer
Approved changes feed: RSS · Atom
cpe:2.3:a:juniper_networks:security_director_policy_enforcer:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Juniper Networks (75c1b4ad-b137-51c1-bf9a-3bc90c5e98be) |
|---|---|
| Product | Security Director Policy Enforcer (f624485a-7fef-579f-81f3-0bca46fa3878) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-11198 |
vulnerable | 2026-06-03 14:58:35.623707 |
Security Director Policy Enforcer: An unrestricted API allows a network-based unauthenticated attacker to deploy malicious vSRX images to VMWare NSX Server
HIGH (7.4)
A Missing Authentication for Critical Function vulnerability in Juniper Networks Security Director Policy Enforcer allows an unauthenticated, network-based attacker to replace legitimate vSRX images with malicious ones.
If a trusted user initiates deployment, Security Director Policy Enforcer will deliver the attacker's uploaded image to VMware NSX instead of a legitimate one.
This issue affects Security Director Policy Enforcer:
* All versions before 23.1R1 Hotpatch v3.
This issue does not affect Junos Space Security Director Insights.
Published: 2025-10-09T15:39:28.578Z
Updated: 2025-10-09T19:49:45.941Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.