Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2014-3818

Juniper Junos OS 9.1 through 11.4 before 11.4R11, 12.1 before R10, 12.1X44 before D40, 12.1X46 before D30, 12.1X47 before D11 and 12.147-D15, 12.1X48 before D41 and D62, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4-S2, 13.1X49 before D49, 13.1X50 before 30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D25, 13.2X52 before D15, 13.3 before R2, and 14.1 before R1, when supporting 4-byte AS numbers and a BGP peer does not, allows remote attackers to cause a denial of service (memory corruption and RDP routing process crash and restart) via crafted transitive attributes in a BGP UPDATE.

Published

2014-10-14T14:55:05.007

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.8 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

6.9

Weaknesses

Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	juniper	junos	9.1	Yes
Operating System	juniper	junos	9.2	Yes
Operating System	juniper	junos	9.4	Yes
Operating System	juniper	junos	9.5	Yes
Operating System	juniper	junos	9.6	Yes
Operating System	juniper	junos	10.0	Yes
Operating System	juniper	junos	10.1	Yes
Operating System	juniper	junos	10.2	Yes
Operating System	juniper	junos	10.3	Yes
Operating System	juniper	junos	10.4	Yes
Operating System	juniper	junos	10.4r	Yes
Operating System	juniper	junos	10.4s	Yes
Operating System	juniper	junos	11.0	Yes
Operating System	juniper	junos	11.1	Yes
Operating System	juniper	junos	11.2	Yes
Operating System	juniper	junos	11.3	Yes
Operating System	juniper	junos	11.4	Yes
Operating System	juniper	junos	12.1	Yes
Operating System	juniper	junos	12.1x44	Yes
Operating System	juniper	junos	12.1x46	Yes
Operating System	juniper	junos	12.1x47	Yes
Operating System	juniper	junos	12.1x48	Yes
Operating System	juniper	junos	12.2	Yes
Operating System	juniper	junos	12.2x50	Yes
Operating System	juniper	junos	12.3	Yes
Operating System	juniper	junos	13.1	Yes
Operating System	juniper	junos	13.1x49	Yes
Operating System	juniper	junos	13.1x50	Yes
Operating System	juniper	junos	13.2	Yes
Operating System	juniper	junos	13.2x50	Yes
Operating System	juniper	junos	13.2x51	Yes
Operating System	juniper	junos	13.2x52	Yes
Operating System	juniper	junos	13.3	Yes
Operating System	juniper	junos	14.1	Yes

References

http://www.securitytracker.com/id/1031009 ([email protected])
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10653 Vendor Advisory ([email protected])
http://www.securitytracker.com/id/1031009 (af854a3a-2127-422b-91ae-364da2661108)
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10653 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)