CVE-2014-3814

2014-06-1314:55:16

CWE-20

[email protected]

web.nvd.nist.gov

juniper

netscreen

firewall

screenos

6.3r17

denial of service

dos

cve-2014-3814

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.6%

JSON

The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.

Affected configurations

NVD

Node

juniperscreenosRange≤6.3.0

juniperscreenosMatch6.0.0

juniperscreenosMatch6.1.0

juniperscreenosMatch6.2.0

AND

junipernetscreen-5200Match-

junipernetscreen-5400Match-

CPENameOperatorVersion
juniper:screenosjuniper screenosle6.3.0
juniper:screenosjuniper screenoseq6.0.0
juniper:screenosjuniper screenoseq6.1.0
juniper:screenosjuniper screenoseq6.2.0
juniper:netscreen-5200juniper netscreen-5200eq-
juniper:netscreen-5400juniper netscreen-5400eq-

CPE	Name	Operator	Version
juniper:screenos	juniper screenos	le	6.3.0
juniper:screenos	juniper screenos	eq	6.0.0
juniper:screenos	juniper screenos	eq	6.1.0
juniper:screenos	juniper screenos	eq	6.2.0
juniper:netscreen-5200	juniper netscreen-5200	eq	-
juniper:netscreen-5400	juniper netscreen-5400	eq	-