Sign-up

ID

VAR-201401-0349


CVE

CVE-2014-0618


TITLE

Juniper Networks SRX Operates on the series service gateway Junos Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-001038

DESCRIPTION

Juniper Junos before 10.4 before 10.4R16, 11.4 before 11.4R8, 12.1R before 12.1R7, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on SRX Series service gateways, when used as a UAC enforcer and captive portal is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted HTTP message. Juniper Junos is prone to a remote denial-of-service vulnerability. Successful exploits may allow the attacker to cause denial-of-service conditions. Juniper Networks Juniper Junos is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware system. The operating system provides a secure programming interface and Junos SDK. The following releases are affected: Juniper Junos 10.4 prior to 10.4R16, 11.4 prior to 11.4R8, 12.1R prior to 12.1R7, 12.1X44 prior to 12.1X44-D20, 12.1X45 prior to 12.1X45-D10

Trust: 1.98

sources: NVD: CVE-2014-0618 // JVNDB: JVNDB-2014-001038 // BID: 64769 // VULHUB: VHN-68111

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:11.4

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:12.1x44

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:12.1x45

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:10.4

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:12.1r

Trust: 1.6

vendor:junipermodel:srx3600scope:eqversion: -

Trust: 1.0

vendor:junipermodel:srx100scope:eqversion: -

Trust: 1.0

vendor:junipermodel:srx240scope:eqversion: -

Trust: 1.0

vendor:junipermodel:srx550scope:eqversion: -

Trust: 1.0

vendor:junipermodel:srx210scope:eqversion: -

Trust: 1.0

vendor:junipermodel:srx110scope:eqversion: -

Trust: 1.0

vendor:junipermodel:srx1400scope:eqversion: -

Trust: 1.0

vendor:junipermodel:srx3400scope:eqversion: -

Trust: 1.0

vendor:junipermodel:srx650scope:eqversion: -

Trust: 1.0

vendor:junipermodel:srx220scope:eqversion: -

Trust: 1.0

vendor:junipermodel:srx5800scope:eqversion: -

Trust: 1.0

vendor:junipermodel:srx5600scope:eqversion: -

Trust: 1.0

vendor:junipermodel:junos osscope:ltversion:12.1x44

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:10.4

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:11.4r8

Trust: 0.8

vendor:junipermodel:srx3400scope: - version: -

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.1x44-d20

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:11.4

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.1r7

Trust: 0.8

vendor:junipermodel:srx210scope: - version: -

Trust: 0.8

vendor:junipermodel:srx650scope: - version: -

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:10.4r16

Trust: 0.8

vendor:junipermodel:srx550scope: - version: -

Trust: 0.8

vendor:junipermodel:srx5800scope: - version: -

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.1x45

Trust: 0.8

vendor:junipermodel:srx100scope: - version: -

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.1x45-d10

Trust: 0.8

vendor:junipermodel:srx220scope: - version: -

Trust: 0.8

vendor:junipermodel:srx5600scope: - version: -

Trust: 0.8

vendor:junipermodel:srx110scope: - version: -

Trust: 0.8

vendor:junipermodel:srx240scope: - version: -

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.1r

Trust: 0.8

vendor:junipermodel:srx1400scope: - version: -

Trust: 0.8

vendor:junipermodel:srx3600scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2014-001038 // CNNVD: CNNVD-201401-159 // NVD: CVE-2014-0618

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-0618
value: HIGH

Trust: 1.0

NVD: CVE-2014-0618
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201401-159
value: HIGH

Trust: 0.6

VULHUB: VHN-68111
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-0618
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-68111
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-68111 // JVNDB: JVNDB-2014-001038 // CNNVD: CNNVD-201401-159 // NVD: CVE-2014-0618

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2014-0618

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201401-159

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 64769

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-001038

PATCH
title:JSA10611url:https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10611
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2014-001038

EXTERNAL IDS
db:NVDid:CVE-2014-0618
Trust: 2.8
db:OSVDBid:101864
Trust: 1.7
db:JUNIPERid:JSA10611
Trust: 1.7
db:BIDid:64769
Trust: 1.4
db:SECTRACKid:1029584
Trust: 1.1
db:JVNDBid:JVNDB-2014-001038
Trust: 0.8
db:CNNVDid:CNNVD-201401-159
Trust: 0.7
db:VULHUBid:VHN-68111
Trust: 0.1
sources:
            
            
            VULHUB: VHN-68111 // 
            
            
            
            BID: 64769 // 
            
            
            
            JVNDB: JVNDB-2014-001038 // 
            
            
            
            CNNVD: CNNVD-201401-159 // 
            
            
            
            NVD: CVE-2014-0618

REFERENCES
url:http://osvdb.org/101864
Trust: 1.7
url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10611
Trust: 1.6
url:http://www.securityfocus.com/bid/64769
Trust: 1.1
url:http://www.securitytracker.com/id/1029584
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/90238
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0618
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0618
Trust: 0.8
url:http://www.juniper.net/
Trust: 0.3
url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10611
Trust: 0.1
sources:
            
            
            VULHUB: VHN-68111 // 
            
            
            
            BID: 64769 // 
            
            
            
            JVNDB: JVNDB-2014-001038 // 
            
            
            
            CNNVD: CNNVD-201401-159 // 
            
            
            
            NVD: CVE-2014-0618

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 64769

SOURCES
db:VULHUBid:VHN-68111
db:BIDid:64769
db:JVNDBid:JVNDB-2014-001038
db:CNNVDid:CNNVD-201401-159
db:NVDid:CVE-2014-0618

LAST UPDATE DATE
2024-11-23T22:49:32.708000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-68111date:2017-08-29T00:00:00
db:BIDid:64769date:2014-01-10T00:00:00
db:JVNDBid:JVNDB-2014-001038date:2014-01-15T00:00:00
db:CNNVDid:CNNVD-201401-159date:2014-01-14T00:00:00
db:NVDid:CVE-2014-0618date:2024-11-21T02:02:30.550

SOURCES RELEASE DATE
db:VULHUBid:VHN-68111date:2014-01-11T00:00:00
db:BIDid:64769date:2014-01-10T00:00:00
db:JVNDBid:JVNDB-2014-001038date:2014-01-15T00:00:00
db:CNNVDid:CNNVD-201401-159date:2014-01-14T00:00:00
db:NVDid:CVE-2014-0618date:2014-01-11T04:44:42.617