CVE-2025-59968

8.6 HIGH

📋 TL;DR

An unauthenticated attacker can read or modify metadata in Juniper Junos Space Security Director, potentially causing managed SRX Series devices to bypass security policies and allow blocked traffic. This affects all versions prior to 24.1R3 Patch V4. Managed cSRX Series devices are not affected.

💻 Affected Systems

Products:
  • Juniper Networks Junos Space Security Director
Versions: All versions prior to 24.1R3 Patch V4
Operating Systems: Junos Space platform
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects SRX Series managed devices, not cSRX Series. Requires web interface access.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Attackers bypass all firewall policies on managed SRX devices, allowing unrestricted network access and data exfiltration.

🟠 Likely Case: Attackers modify metadata to create policy exceptions, allowing specific malicious traffic through firewalls.

🟢 If Mitigated: With network segmentation, impact is limited to the Security Director management network only.

🌐 Internet-Facing: HIGH - Web interface accessible from internet allows complete policy bypass on firewalls.
🏢 Internal Only: HIGH - Even internal attackers can compromise security policies without authentication.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Web interface exploitation requires no authentication. Attackers need network access to Security Director.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 24.1R3 Patch V4 or later

Vendor Advisory: https://supportportal.juniper.net/JSA103157

Restart Required: Yes

Instructions:

1. Download patch from Juniper support portal.
2. Apply patch via Junos Space administration interface.
3. Restart Security Director services.
4. Verify patch installation.

🔧 Temporary Workarounds

Network Segmentation (applies to: all)

Restrict access to Junos Space Security Director web interface to trusted management networks only. Configure firewall rules to limit access to Security Director IP/ports.

Access Control Lists (applies to: all)

Implement strict source IP restrictions on Security Director web interface. Configure ACLs on network devices to permit only authorized management stations.

🧯 If You Can't Patch

  • Isolate Security Director to dedicated management VLAN with strict access controls
  • Implement network monitoring for unauthorized access attempts to Security Director web interface

🔍 How to Verify

Check if Vulnerable:

Check Junos Space version via web interface: Administration > System > About. Verify version is earlier than 24.1R3 Patch V4.

Check Version:

Web interface: Administration > System > About shows current version

Verify Fix Applied:

Confirm version is 24.1R3 Patch V4 or later in Administration > System > About. Test metadata access with unauthenticated requests.

📡 Detection & Monitoring

Log Indicators:

  • Unauthenticated web requests to Security Director metadata endpoints
  • Unusual metadata modification events in Security Director logs
  • SRX policy changes without administrator authentication

Network Indicators:

  • Unusual traffic patterns from Security Director to managed SRX devices
  • HTTP requests to Security Director from unauthorized source IPs

SIEM Query:

source="junos-space" AND (http_status=200 AND uri CONTAINS "/metadata" AND user="-")
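The SIEM query above expressed as a small log filter, added here as an example that is not part of this advisory: it reads constructed access-log lines (the line format, the URIs and the 10.10.5.0/24 management network are assumptions) and flags unauthenticated 200 responses to metadata endpoints, and additionally any request from outside the management network, which corresponds to the ACL workaround.

```python
import ipaddress
import re

# Constructed sample lines in an assumed common-log-like layout (not a real
# Junos Space log format): client_ip user "METHOD uri HTTP/x" status
SAMPLE_LOG = """\
10.10.5.7 admin "GET /api/space/version HTTP/1.1" 200
203.0.113.44 - "GET /api/security-director/metadata/policies HTTP/1.1" 200
10.10.5.7 - "GET /api/security-director/metadata/objects HTTP/1.1" 401
198.51.100.9 - "POST /api/security-director/metadata/objects HTTP/1.1" 200
10.10.5.12 admin "POST /api/security-director/metadata/objects HTTP/1.1" 200
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) (?P<user>\S+) "(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})$'
)

# Only this network should ever reach the Security Director web interface
# (assumed value for the example; use your own management range).
MGMT_NET = ipaddress.ip_network("10.10.5.0/24")


def parse_line(line):
    """Return a dict for a well-formed line, or None for anything else."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def find_suspicious(log_text, mgmt_net=MGMT_NET):
    """Apply the two detection rules and return the matching records with reasons."""
    findings = []
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None:
            continue
        reasons = []
        # Rule 1: same condition as the SIEM query (success, metadata URI, no user).
        if rec["user"] == "-" and rec["status"] == 200 and "/metadata" in rec["uri"]:
            reasons.append("unauthenticated metadata access")
        # Rule 2: request did not come from the management network (ACL workaround).
        if ipaddress.ip_address(rec["ip"]) not in mgmt_net:
            reasons.append("source outside management network")
        if reasons:
            findings.append({**rec, "reasons": reasons})
    return findings
```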
