Home / Vulnerability Intelligence / CVE-2025-13914

CVE-2025-13914 - Vulnerability Analysis

HighCVSS: 8.7

Last Updated: April 9, 2026

Juniper Networks Apstra - Man-in-the-Middle

Published: April 9, 2026Updated: April 9, 2026Remote Exploitable

Overview

Juniper Networks Apstra < 6.1.1 contains a key exchange without entity authentication vulnerability caused by insufficient SSH host key validation, letting unauthenticated MITM attackers impersonate managed devices and capture credentials, exploit requires network access to SSH connections.

Severity & Score

Severity: High

CVSS Score: 8.7

Impact

Attackers can impersonate managed devices and capture user credentials via MITM on SSH connections.

Mitigation

Update to version 6.1.1 or later.

References

https://kb.juniper.net/JSA107862

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2025-13914
Severity: High
CVSS Score: 8.7
Type: undefined
Status: new

CWE

CWE-322

CVSS Metrics

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N