Sign-up

ID

VAR-201510-0583


CVE

CVE-2014-6451


TITLE

Juniper Junos OS of vSRX Virtual firewall J-Web Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-005350

DESCRIPTION

J-Web in Juniper vSRX virtual firewalls with Junos OS before 15.1X49-D20 allows remote attackers to cause a denial of service (system reboot) via unspecified vectors. Juniper Junos is prone to a remote denial-of-service vulnerability. A remote attacker may exploit this issue to reboot the vSRX instance, denying service to legitimate users. Juniper Networks vSRX virtual is a firewall simulator product of Juniper Networks (Juniper Networks). J-Web is one of the network management tools

Trust: 2.07

sources: NVD: CVE-2014-6451 // JVNDB: JVNDB-2015-005350 // BID: 77122 // VULHUB: VHN-74395 // VULMON: CVE-2014-6451

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:lteversion:15.1x49

Trust: 1.0

vendor:junipermodel:junos osscope:ltversion:15.1x49-d20

Trust: 0.8

vendor:junipermodel:junosscope:eqversion:15.1x49

Trust: 0.6

vendor:junipermodel:vsrx seriesscope:eqversion:0

Trust: 0.3

vendor:junipermodel:junosescope:eqversion:14.3.2

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.2r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos r2scope:eqversion:14.2

Trust: 0.3

vendor:junipermodel:junos r1scope:eqversion:14.2

Trust: 0.3

vendor:junipermodel:junos rscope:eqversion:14.2

Trust: 0.3

vendor:junipermodel:junos 14.1x55-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x55-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d16scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x53-d12scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x50-d85scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1x50-d70scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r3-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 14.1r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos r3scope:eqversion:14.1

Trust: 0.3

vendor:junipermodel:junos r2scope:eqversion:14.1

Trust: 0.3

vendor:junipermodel:junos r1scope:eqversion:14.1

Trust: 0.3

vendor:junipermodel:junosscope:eqversion:14.1

Trust: 0.3

vendor:junipermodel:junos 13.3r5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.3r4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.3r3-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.3r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.3r2-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.3r2-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.3r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.3r1.7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.3r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.2x51-d15.5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.2x50-d15.3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.2r6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.2r5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.2r4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.2r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.2r2-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.2r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.2r1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 13.1x50-d15.1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3x48-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r8.7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r8scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r7-s1scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r7scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r6.6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r4.6scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r4-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r4-s2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r3.4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r2-s3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.3r2scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x47-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x47-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x47-d11scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x47-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d20.5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x46-d10scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d45scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d40scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d35.5scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d35scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d34scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d32scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d30.4scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d30scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d26scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d25scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d20.3scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d20scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 12.1x44-d15scope: - version: -

Trust: 0.3

vendor:junipermodel:junos 15.1x49-d20scope:neversion: -

Trust: 0.3

sources: BID: 77122 // JVNDB: JVNDB-2015-005350 // CNNVD: CNNVD-201510-294 // NVD: CVE-2014-6451

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-6451
value: HIGH

Trust: 1.0

NVD: CVE-2014-6451
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201510-294
value: HIGH

Trust: 0.6

VULHUB: VHN-74395
value: HIGH

Trust: 0.1

VULMON: CVE-2014-6451
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-6451
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-74395
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-74395 // VULMON: CVE-2014-6451 // JVNDB: JVNDB-2015-005350 // CNNVD: CNNVD-201510-294 // NVD: CVE-2014-6451

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2014-6451

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201510-294

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 77122

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-005350

PATCH
title:JSA10700url:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10700&actp=search
Trust: 0.8
title:Juniper Networks vSRX virtual Repair measures for firewall denial of service vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58142
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2015-005350 // 
            
            
            
            CNNVD: CNNVD-201510-294

EXTERNAL IDS
db:NVDid:CVE-2014-6451
Trust: 2.9
db:JUNIPERid:JSA10700
Trust: 2.1
db:SECTRACKid:1033857
Trust: 1.2
db:JVNDBid:JVNDB-2015-005350
Trust: 0.8
db:CNNVDid:CNNVD-201510-294
Trust: 0.7
db:BIDid:77122
Trust: 0.4
db:VULHUBid:VHN-74395
Trust: 0.1
db:VULMONid:CVE-2014-6451
Trust: 0.1
sources:
            
            
            VULHUB: VHN-74395 // 
            
            
            
            VULMON: CVE-2014-6451 // 
            
            
            
            BID: 77122 // 
            
            
            
            JVNDB: JVNDB-2015-005350 // 
            
            
            
            CNNVD: CNNVD-201510-294 // 
            
            
            
            NVD: CVE-2014-6451

REFERENCES
url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10700
Trust: 2.0
url:http://www.securitytracker.com/id/1033857
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6451
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-6451
Trust: 0.8
url:http://www.juniper.net/
Trust: 0.3
url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10700
Trust: 0.1
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULHUB: VHN-74395 // 
            
            
            
            VULMON: CVE-2014-6451 // 
            
            
            
            BID: 77122 // 
            
            
            
            JVNDB: JVNDB-2015-005350 // 
            
            
            
            CNNVD: CNNVD-201510-294 // 
            
            
            
            NVD: CVE-2014-6451

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 77122

SOURCES
db:VULHUBid:VHN-74395
db:VULMONid:CVE-2014-6451
db:BIDid:77122
db:JVNDBid:JVNDB-2015-005350
db:CNNVDid:CNNVD-201510-294
db:NVDid:CVE-2014-6451

LAST UPDATE DATE
2024-11-23T22:45:55.813000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-74395date:2016-12-08T00:00:00
db:VULMONid:CVE-2014-6451date:2016-12-08T00:00:00
db:BIDid:77122date:2015-10-16T00:00:00
db:JVNDBid:JVNDB-2015-005350date:2015-10-20T00:00:00
db:CNNVDid:CNNVD-201510-294date:2015-10-19T00:00:00
db:NVDid:CVE-2014-6451date:2024-11-21T02:14:24.767

SOURCES RELEASE DATE
db:VULHUBid:VHN-74395date:2015-10-16T00:00:00
db:VULMONid:CVE-2014-6451date:2015-10-16T00:00:00
db:BIDid:77122date:2015-10-16T00:00:00
db:JVNDBid:JVNDB-2015-005350date:2015-10-20T00:00:00
db:CNNVDid:CNNVD-201510-294date:2015-10-19T00:00:00
db:NVDid:CVE-2014-6451date:2015-10-16T20:59:03.073