Unrated severityNVD Advisory· Published Oct 9, 2025· Updated Oct 9, 2025

Junos Space: Flooding device with inbound API calls leads to WebUI and CLI management access DoS

CVE-2025-59975

Description

An Uncontrolled Resource Consumption vulnerability in the HTTP daemon (httpd) of Juniper Networks Junos Space allows an unauthenticated network-based attacker flooding the device with inbound API calls to consume all resources on the system, leading to a Denial of Service (DoS).

After continuously flooding the system with inbound connection requests, all available file handles become consumed, blocking access to the system via SSH and the web user interface (WebUI), resulting in a management interface DoS. A manual reboot of the system is required to restore functionality.

This issue affects Junos Space: * all versions before 22.2R1 Patch V3, * from 23.1 before 23.1R1 Patch V3.

Affected products

Juniper Networks/Junos Spacellm-fuzzy
Range: <22.2R1 Patch V3, >=23.1 <23.1R1 Patch V3
Juniper Networks/Junos Spacev5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

supportportal.juniper.net/JSA103172mitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000