CVE-2025-59975

HIGH

7.5

Beschreibung

An Uncontrolled Resource Consumption vulnerability in the HTTP daemon (httpd) of Juniper Networks Junos Space allows an unauthenticated network-based attacker flooding the device with inbound API calls to consume all resources on the system, leading to a Denial of Service (DoS). After continuously flooding the system with inbound connection requests, all available file handles become consumed, blocking access to the system via SSH and the web user interface (WebUI), resulting in a management interface DoS. A manual reboot of the system is required to restore functionality. This issue affects Junos Space: * all versions before 22.2R1 Patch V3, * from 23.1 before 23.1R1 Patch V3.

CVE Details

CVSS v3.1 Bewertung7.5

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht10/9/2025

Zuletzt geandert1/23/2026

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

juniper:junos_space

Schwachen (CWE)

CWE-400

Referenzen

https://supportportal.juniper.net/JSA103172(sirt@juniper.net)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.