Vulnerability Database

319,592

Total vulnerabilities in the database

CVE-2025-59975

An Uncontrolled Resource Consumption vulnerability in the HTTP daemon (httpd) of Juniper Networks Junos Space allows an unauthenticated network-based attacker flooding the device with inbound API calls to consume all resources on the system, leading to a Denial of Service (DoS).

After continuously flooding the system with inbound connection requests, all available file handles become consumed, blocking access to the system via SSH and the web user interface (WebUI), resulting in a management interface DoS. A manual reboot of the system is required to restore functionality.

This issue affects Junos Space:

all versions before 22.2R1 Patch V3,
from 23.1 before 23.1R1 Patch V3.

Published: Oct 9, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-59975
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-400

Affected Software
References

Software	From	Fixed in
juniper / junos_space	-	22.2
juniper / junos_space	22.2-r1	22.2-r1.x
juniper / junos_space	23.1-r1	23.1-r1.x

https://supportportal.juniper.net/JSA103172

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo