CVE-2025-59958
BaseFortify
Publication date: 2025-10-09
Last updated on: 2025-10-14
Assigner: Juniper Networks, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| juniper | junoss_evolved | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-754 | The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an improper check for unusual or exceptional conditions in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on PTX Series. When an output firewall filter with 'reject' action terms is applied to WAN or revenue interfaces, packets that match these terms are mistakenly sent to the Routing Engine (RE) instead of being dropped. The RE then processes these packets, consuming its limited resources. Additionally, responses from the RE to the source of this traffic could reveal confidential information about the device. This issue does not affect management or loopback interfaces or input filters.
How can this vulnerability impact me? :
This vulnerability can impact you by causing a loss of confidentiality and availability. Specifically, the Routing Engine's limited resources may be consumed by processing packets that should have been rejected, potentially leading to degraded device performance or availability issues. Furthermore, the responses sent back to the source of the rejected traffic could leak confidential information about the affected device.