CVE-2025-52987

A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting with the interface under the attacker's control. This issue affects all versions of Paragon Automation (Pathfinder, Planner, Insights) before 24.1.1.

CVSS v3 6.1 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://kb.juniper.net/JSA103145	Vendor Advisory
https://supportportal.juniper.net/	Permissions Required

Configurations

Configuration 1 (hide)

cpe:2.3:a:juniper:paragon_automation:*:*:*:*:*:*:*:*

History

26 Jan 2026, 18:01

Type	Values Removed	Values Added
References	~~() https://kb.juniper.net/JSA103145 -~~	() https://kb.juniper.net/JSA103145 - Vendor Advisory
References	~~() https://supportportal.juniper.net/ -~~	() https://supportportal.juniper.net/ - Permissions Required
CPE		cpe:2.3:a:juniper:paragon_automation::::::::
First Time		Juniper Juniper paragon Automation

15 Jan 2026, 21:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-01-15 21:16

Updated : 2026-01-26 18:01

NVD link : CVE-2025-52987

Mitre link : CVE-2025-52987

CVE.ORG link : CVE-2025-52987

JSON object : View

Products Affected

juniper

paragon_automation

CWE

CWE-1021

Improper Restriction of Rendered UI Layers or Frames

{"id": "CVE-2025-52987", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "sirt@juniper.net", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}], "cvssMetricV40": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.1, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:M/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-01-15T21:16:02.653", "references": [{"url": "https://kb.juniper.net/JSA103145", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}, {"url": "https://supportportal.juniper.net/", "tags": ["Permissions Required"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-1021"}]}], "descriptions": [{"lang": "en", "value": "A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting with the interface under the attacker's control.\u00a0\n\nThis issue affects all versions of Paragon Automation (Pathfinder, Planner, Insights) before 24.1.1."}], "lastModified": "2026-01-26T18:01:01.997", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:juniper:paragon_automation:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E0B7E88-1016-4ED6-86C3-B60B6D8CE501", "versionEndExcluding": "24.1.1"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}