CVE-2025-59975
Severity
8.7 HIGH
EPSS
0.1%
top 71.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published Oct 9
Description
An Uncontrolled Resource Consumption vulnerability in the HTTP daemon (httpd) of Juniper Networks Junos Space allows an unauthenticated network-based attacker flooding the device with inbound API calls to consume all resources on the system, leading to a Denial of Service (DoS).
After continuously flooding the system with inbound connection requests, all available file handles become consumed, blocking access to the system via SSH and the web user interface (WebUI), resulting in a management in…
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
Affected Packages: 2 packages
Vulnerability Details (2)
GHSA
GHSA-834q-vmvq-2qjx: An Uncontrolled Resource Consumption vulnerability in the HTTP daemon (httpd) of Juniper Networks Junos Space allows an unauthenticated network-based (2025-10-09)
CVEList
Junos Space: Flooding device with inbound API calls leads to WebUI and CLI management access DoS (2025-10-09)
Vendor Advisories (1)
Juniper
CVE-2025-59975: An Uncontrolled Resource Consumption vulnerability in the HTTP daemon (httpd) of Juniper Networks Junos Space allows an unauthenticated network-based (2025-10-09)