Vulnerability Description
A Missing Authorization vulnerability in the Juniper Networks Junos Space Security Director allows an unauthenticated network-based attacker to read or modify metadata via the web interface. Tampering with this metadata can result in managed SRX Series devices permitting network traffic that should otherwise be blocked by policy, effectively bypassing intended security controls. This issue affects Junos Space Security Director * all versions prior to 24.1R3 Patch V4 This issue does not affect managed cSRX Series devices.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Space Security Director | < 24.1 |
| Juniper | Vsrx | - |
| Juniper | Srx1500 | - |
| Juniper | Srx1600 | - |
| Juniper | Srx2300 | - |
| Juniper | Srx300 | - |
| Juniper | Srx320 | - |
| Juniper | Srx340 | - |
| Juniper | Srx345 | - |
| Juniper | Srx380 | - |
| Juniper | Srx4100 | - |
| Juniper | Srx4120 | - |
| Juniper | Srx4200 | - |
| Juniper | Srx4300 | - |
| Juniper | Srx4600 | - |
| Juniper | Srx4700 | - |
| Juniper | Srx5400 | - |
| Juniper | Srx5600 | - |
| Juniper | Srx5800 | - |
Related Weaknesses (CWE)
References
- https://supportportal.juniper.net/JSA103157Vendor Advisory
- https://www.juniper.net/documentation/us/en/software/nm-apps24.1/junos-space-secTechnical Description
FAQ
What is CVE-2025-59968?
CVE-2025-59968 is a vulnerability with a CVSS score of 8.6 (HIGH). A Missing Authorization vulnerability in the Juniper Networks Junos Space Security Director allows an unauthenticated network-based attacker to read or modify metadata via the web interface. Tamp...
How severe is CVE-2025-59968?
CVE-2025-59968 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-59968?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Space Security Director, Juniper Vsrx, Juniper Srx1500, Juniper Srx1600, Juniper Srx2300.