CVE-2014-0616

Published Jan 15, 2014

Last updated 11 years ago

Overview

Description: Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R4-S2, 13.1 before 13.1R3-S1, 13.2 before 13.2R2, and 13.3 before 13.3R1 allows remote attackers to cause a denial of service (rdp crash) via a large BGP UPDATE message which immediately triggers a withdraw message to be sent, as demonstrated by a long AS_PATH and a large number of BGP Communities.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.1
Impact score: 6.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-362

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:10.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45C2DA1E-12A7-4018-92CE-7621FC278025"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41543223-0FA9-4CBE-8DEC-717CE5FFED79"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.1r:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ECE31A7E-657C-49FC-B3F8-5654B0C6087E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B307477-C5F2-4D98-AF4C-640D326164C7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.1x45:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E747970-4C27-4B46-9163-964252CB98F6"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFB89F64-16BB-4A14-9084-B338668D7FF1"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FB9541A-2570-459A-87D6-5341C67B8EC8"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E014A0D-0054-4EBA-BA1F-035B74BD822F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71FB12AC-DB5A-444A-81E0-C0DDD06810EB"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CAB7D840-9469-4CE2-8DBF-017A44741374"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:13.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4AF5DAA-62F5-491F-A9CE-098970671D43"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References