CVE-2024-2973

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device.<br /> Only routers or conductors that are running in high-availability redundant configurations are affected by this vulnerability.<br /> <br /> <br /> <br /> <br /> No other Juniper Networks products or platforms are affected by this issue.<br /> <br /> <br /> <br /> <br /> <br /> This issue affects:<br /> <br /> Session Smart Router: <br /> <br /> <br /> <br /> * All versions before 5.6.15, <br /> * from 6.0 before 6.1.9-lts, <br /> * from 6.2 before 6.2.5-sts.<br /> <br /> <br /> <br /> Session Smart Conductor: <br /> <br /> <br /> <br /> * All versions before 5.6.15, <br /> * from 6.0 before 6.1.9-lts, <br /> * from 6.2 before 6.2.5-sts. <br /> <br /> <br /> <br /> WAN Assurance Router: <br /> <br /> <br /> <br /> * 6.0 versions before 6.1.9-lts, <br /> * 6.2 versions before 6.2.5-sts.