Juniper Networks Apstra SSH Host Key Validation Vulnerability Allowing MITM Impersonation of Managed Devices

Vulnerability

A vulnerability in the SSH implementation of Juniper Networks Apstra, present in all versions prior to 6.1.1, allows an unauthenticated man-in-the-middle attacker to impersonate managed devices. This vulnerability arises from inadequate validation of SSH host keys, enabling attackers to intercept and potentially manipulate SSH connections between Apstra and managed devices. As a result, attackers can impersonate managed devices and capture user credentials.
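What strict host key validation looks like next to a lax policy, as an added example that is not Apstra's code or from the advisory. The advisory does not detail Apstra's implementation, so `lax_policy` is an assumed stand-in for the class of flaw, and all hostnames, addresses and key blobs are constructed placeholders.

```python
import base64
import hashlib

def b64(raw):
    return base64.b64encode(raw).decode()

# Constructed sample data: placeholder bytes stand in for real public key blobs.
DEVICE_KEY = b64(b"constructed-device-host-key")
ROGUE_KEY = b64(b"constructed-interceptor-key")
KNOWN_HOSTS = f"""\
# pinned host keys for managed devices (constructed)
leaf1.example.net,192.0.2.10 ssh-ed25519 {DEVICE_KEY}
spine1.example.net ssh-ed25519 {b64(b"constructed-spine-host-key")}
"""

def fingerprint(blob_b64):
    """OpenSSH-style SHA256 fingerprint of a base64-encoded public key blob."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + b64(digest).rstrip("=")

def load_pins(text):
    """Parse plain known_hosts lines into {host: {(keytype, blob)}}.
    Hashed hostnames and @marker lines are skipped here."""
    pins = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0][0] in "#@|":
            continue
        for host in fields[0].split(","):
            pins.setdefault(host, set()).add((fields[1], fields[2]))
    return pins

def lax_policy(pins, host, keytype, blob):
    """Assumed weak behaviour: any presented key is accepted."""
    return True, "accepted without comparison"

def strict_policy(pins, host, keytype, blob):
    """Accept only a key that exactly matches a pin for this host."""
    if host not in pins:
        return False, "no pinned key for host; refusing to connect"
    if (keytype, blob) in pins[host]:
        return True, "match " + fingerprint(blob)
    return False, "host key mismatch, presented " + fingerprint(blob)

if __name__ == "__main__":
    pins = load_pins(KNOWN_HOSTS)
    for name, key in (("device", DEVICE_KEY), ("interceptor", ROGUE_KEY)):
        print(name, lax_policy(pins, "leaf1.example.net", "ssh-ed25519", key),
              strict_policy(pins, "leaf1.example.net", "ssh-ed25519", key))
```

Under the strict policy an unknown host and a changed key both fail closed, which is the condition to alert on rather than silently re-pin.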

Impact

Exploitation of this vulnerability could lead to unauthorized impersonation of managed devices, allowing interception of user credentials.

Remediation

Users can upgrade to Apstra version 6.1.1 or any subsequent release to address this vulnerability. For guidance on the releases in which vulnerabilities are fixed, refer to Juniper's vulnerability release information, KB16765.

Added: Apr 10, 2026, 1:09 AM
Updated: Apr 10, 2026, 1:09 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 3.1
exploitability: 4.5
remediation: 0.0
relevance: 5.5
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.