CVE-2025-59980

{"id": "CVE-2025-59980", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-10-09T17:15:59.427", "references": [{"url": "https://supportportal.juniper.net/JSA103167", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-305"}]}], "descriptions": [{"lang": "en", "value": "An Authentication Bypass by Primary Weakness\n\nin the FTP server of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to get limited read-write access to files on the device.\nWhen the FTP server is enabled and a user named \"ftp\" or \"anonymous\" is configured, that user can login without providing the configured password and then has read-write access to their home directory.\n\nThis issue affects Junos OS:\u00a0\n\n\n\n * all versions before 22.4R3-S8,\n * 23.2 versions before 23.2R2-S3,\n * 23.4 versions before 23.4R2."}], "lastModified": "2026-01-23T18:37:47.893", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57F66641-003B-49D6-A9B9-AB300CFE3C93", "versionEndExcluding": "22.4"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBB967BF-3495-476D-839A-9DBFCBE69F91"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E5688D6-DCA4-4550-9CD1-A3D792252129"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8494546C-00EA-49B6-B6FA-FDE42CA5B1FA"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8BB98579-FA33-4E41-A162-A46E9709FBD3"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08E2562F-FB18-4347-8497-7D61B8157EBB"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "494D1D96-1DA2-4B0A-9536-1B5A4FDFCA09"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60A1E37B-1990-44D9-87FE-300678243BE2"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D306ED88-8700-4FD4-8919-3C85728C04C3"}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11340C63-A638-420C-85C9-1B4438C88D52"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A78CC80-E8B1-4CDA-BB35-A61833657FA7"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1B16FF0-900F-4AEE-B670-A537139F6909"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B227E831-30FF-4BE1-B8B2-31829A5610A6"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1ADA814B-EF98-45B1-AF7A-0C89688F7CA5"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6FB32DF-D062-4FB9-8777-452978BEC7B7"}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3B6C811-5C10-4486-849D-5559B592350A"}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78481ABC-3620-410D-BC78-334657E0BB75"}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE8A5BA3-87BD-473A-B229-2AAB2C797005"}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B74AC3E-8FC9-400A-A176-4F7F21F10756"}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB2D1FCE-8019-4CE1-BA45-D62F91AF7B51"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}