Lucene search

[email protected]CVE-2014-6377

HistoryOct 14, 2014 - 2:55 p.m.

CVE-2014-6377

2014-10-1414:55:06

CWE-399

[email protected]

web.nvd.nist.gov

cve-2014-6377

juniper

junose

denial of service

remote attack

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.5%

JSON

Juniper JunosE before 13.3.3p0-1, 14.x before 14.3.2, and 15.x before 15.1.0, when DEBUG severity icmpTraffic logging is enabled, allows remote attackers to cause a denial of service (SRP reset) via a crafted ICMP packet to the (1) interface or (2) loopback IP address, which triggers a processor exception in ip_RxData_8.

Affected configurations

NVD

Node

juniperjunos_eRange≤13.3.2

juniperjunos_eMatch13.3.0

juniperjunos_eMatch13.3.1

juniperjunos_eMatch14.3.0

juniperjunos_eMatch14.3.1

CPENameOperatorVersion
juniper:junos_ejuniper junos ele13.3.2
juniper:junos_ejuniper junos eeq13.3.0
juniper:junos_ejuniper junos eeq13.3.1
juniper:junos_ejuniper junos eeq14.3.0
juniper:junos_ejuniper junos eeq14.3.1

CPE	Name	Operator	Version
juniper:junos_e	juniper junos e	le	13.3.2
juniper:junos_e	juniper junos e	eq	13.3.0
juniper:junos_e	juniper junos e	eq	13.3.1
juniper:junos_e	juniper junos e	eq	14.3.0
juniper:junos_e	juniper junos e	eq	14.3.1

References

www.securityfocus.com/bid/70368

www.securitytracker.com/id/1031006

exchange.xforce.ibmcloud.com/vulnerabilities/96907

kb.juniper.net/InfoCenter/index?page=content&id=JSA10651

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.5%

JSON

Related for CVE-2014-6377

nessus1 cvelist1 nvd1 prion1