How severe is CVE-2025-30657?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2025-30657?

This is classified as CWE-116, which is a common weakness in software security.

CVE-2025-30657 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for flow-monitoring receives a specific BGP update message, it is correctly processed internally by the routing protocol daemon (rpd), but when it's sent to SRRD it's encoded incorrectly which leads to a crash and momentary interruption of jflow processing until it automatically restarts. This issue does not affect traffic forwarding itself. This issue affects Junos OS: * All versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3, * 23.2 versions before 23.2R1-S2, 23.2R2. This issue does not affected Junos OS Evolved.

Related Vulnerabilities

CVE-2018-20586

MEDIUM

CVSS:5.3(Medium)

bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call.

CWE-1162018

CVE-2019-11717

MEDIUM

CVSS:5.3(Medium)

A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulne...

CWE-1162019

CVE-2019-15944

MEDIUM

CVSS:5.3(Medium)

In Counter-Strike: Global Offensive before 8/29/2019, community game servers can display unsafe HTML in a disconnection message.

CWE-1162019

CVE-2019-19714

MEDIUM

CVSS:5.3(Medium)

Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output. It is possible to inject insert tags into the login module which will be replaced when the page is rendered.

CWE-1162019

CVE-2019-3571

MEDIUM

CVSS:5.3(Medium)

An input validation issue affected WhatsApp Desktop versions prior to 0.3.3793 which allows malicious clients to send files to users that would be displayed with a wrong extension.

CWE-1162019

CVE-2020-24592

MEDIUM

CVSS:5.3(Medium)

Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization.

CWE-1162020