216.73.216.233

CVE-2025-59975

· Published 09/10/2025 16:15 · Modified 09/10/2025 16:15

Labels: CVE-2025-59975 2025-10-09CVE-2025-59975CWE-400[email protected]

Essential information

Published
09/10/2025 16:15
Modified
09/10/2025 16:15
Author
Creator
CVSS
8.7 HIGH (v3) 8.7 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

An Uncontrolled Resource Consumption vulnerability in the HTTP daemon (httpd) of Juniper Networks Junos Space allows an unauthenticated network-based attacker flooding the device with inbound API calls to consume all resources on the system, leading to a Denial of Service (DoS). After continuously flooding the system with inbound connection requests, all available file handles become consumed, blocking access to the system via SSH and the web user interface (WebUI), resulting in a management interface DoS. A manual reboot of the system is required to restore functionality. This issue affects Junos Space: * all versions before 22.2R1 Patch V3, * from 23.1 before 23.1R1 Patch V3.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
juniper / juniper junos space cpe:2.3:a:juniper:juniper_junos_space:*:*:*:*:*:*:*:*
juniper / juniper junos space cpe:2.3:a:juniper:juniper_junos_space:<22.2R1:patch_v3:*:*:*:*:*:*
juniper / juniper junos space cpe:2.3:a:juniper:juniper_junos_space:23.1:<23.1R1:patch_v3:*:*:*:*:*:*

References