CVE-2014-0613

2014-01-1516:08:04

[email protected]

web.nvd.nist.gov

juniper

junos

xnm

command processor

denial of service

vulnerability

cve-2014-0613

7 High

AI Score

Confidence

Low

7.1 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.007 Low

EPSS

Percentile

80.7%

JSON

The XNM command processor in Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R5, 13.1 before 13.1R3-S1, 13.2 before 13.2R2-S2, and 13.3 before 13.3R1, when xnm-ssl or xnm-clear-text is enabled, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.

Affected configurations

NVD

Node

juniperjunosMatch10.4

juniperjunosMatch11.4

juniperjunosMatch12.1r

juniperjunosMatch12.1x44

juniperjunosMatch12.1x45

juniperjunosMatch12.1x46

juniperjunosMatch12.2

juniperjunosMatch12.3

juniperjunosMatch13.1

juniperjunosMatch13.2

juniperjunosMatch13.3

CPENameOperatorVersion
juniper:junosjuniper junoseq10.4
juniper:junosjuniper junoseq11.4
juniper:junosjuniper junoseq12.1r
juniper:junosjuniper junoseq12.1x44
juniper:junosjuniper junoseq12.1x45
juniper:junosjuniper junoseq12.1x46
juniper:junosjuniper junoseq12.2
juniper:junosjuniper junoseq12.3
juniper:junosjuniper junoseq13.1
juniper:junosjuniper junoseq13.2

CPE	Name	Operator	Version
juniper:junos	juniper junos	eq	10.4
juniper:junos	juniper junos	eq	11.4
juniper:junos	juniper junos	eq	12.1r
juniper:junos	juniper junos	eq	12.1x44
juniper:junos	juniper junos	eq	12.1x45
juniper:junos	juniper junos	eq	12.1x46
juniper:junos	juniper junos	eq	12.2
juniper:junos	juniper junos	eq	12.3
juniper:junos	juniper junos	eq	13.1
juniper:junos	juniper junos	eq	13.2