Key Exchange Without Authentication Vulnerability in Juniper Networks Apstra
CVE-2025-13914

7HIGH

Key Information:

Vendor: Juniper Networks
Status: Apstra
Vendor: CVE Published:; 9 April 2026

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-13914?

A vulnerability in the SSH implementation of Juniper Networks Apstra exposes the system to man-in-the-middle attacks due to inadequate host key validation. This flaw allows an unauthenticated attacker to impersonate managed devices, potentially compromising user credentials. All versions of Apstra prior to 6.1.1 are affected, making it critical for users to upgrade to the latest version to mitigate this risk.

Affected Version(s)

Apstra 0 < 6.1.1

References

https://kb.juniper.net/JSA107862

vendor-advisory

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Apr 9, 2026
Vulnerability published
Apr 9, 2026
Vulnerability Reserved
Dec 2, 2025

Credit

Juniper SIRT would like to acknowledge and thank the Federal Office for Information Security (BSI) for responsibly reporting this vulnerability.

CVE-2025-13914 Data

JSON