[Security Vulnerability Alert] Juniper Junos Space has a high-risk security vulnerability (CVE-2025-59978). Please verify and patch it as soon as possible.

Issued by: Digital Services Section, Office of Library and Information Services
Date range: 2025/10/17 ~ 2026/4/17
 

Forwarded by the National Information Security Information Sharing and Analysis Center (NISAC-200-202510-00000030)

[Content Description]
Researchers have discovered a stored cross-site scripting vulnerability (CVE-2025-59978) in Juniper Junos Space. An authenticated remote attacker could exploit this vulnerability to inject malicious scripts into web pages. When a user browses to an affected page, the malicious script will execute in their browser, allowing the attacker to execute unauthorized commands with administrator privileges. Please verify and patch this vulnerability as soon as possible.

[Affected Platforms]
Junos Space versions prior to 24.1R4

[Recommended Action]
The vendor has released an update that fixes this vulnerability. Refer to the vendor's advisory for update instructions:
https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R4-release

[References]
1. https://nvd.nist.gov/vuln/detail/CVE-2025-59978
2. https://supportportal.juniper.net/s/article/2025-10-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R4-release

