Missing Authorization Vulnerability in Junos Space Security Director by Juniper Networks
CVE-2025-59968

7.7HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Space Security Director; Junos Os
Vendor: CVE Published:; 9 October 2025

🔔 Create Juniper Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-59968?

A vulnerability in Junos Space Security Director allows unauthenticated attackers to read or modify metadata through the web interface. This unauthorized access could enable malicious actors to create conditions where network traffic, normally restricted by security policies, is allowed through managed SRX Series devices. Consequently, this undermines the intended protections, exposing the network to potential threats. All versions prior to 24.1R3 Patch V4 are impacted, though managed cSRX Series devices remain unaffected. Organizations utilizing this product should assess their security posture and apply necessary updates to mitigate risks.

Affected Version(s)

Junos OS vSRX Series 0

Junos Space Security Director 0 < 24.1R3 Patch V4

Junos OS cSRX 0

References

https://supportportal.juniper.net/JSA103157

vendor-advisory

https://www.juniper.net/documentation/us/en/software/nm-a...

technical-description

CVSS V4

Score:

7.7

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Oct 9, 2025
Vulnerability published
Oct 9, 2025
Vulnerability Reserved
Sep 23, 2025

JSON