The Juniper MX Series routers with Junos 13.3R3 through 13.3Rx before 13.3R6, 14.1 before 14.1R4, 14.1X50 before 14.1X50-D70, and 14.2 before 14.2R2, when configured as a broadband edge (BBE) router, allows remote attackers to cause a denial of service (jpppd crash and restart) by sending a crafted PAP Authenticate-Request after the PPPoE Discovery and LCP phase are complete.
2015-01-16T16:59:02.967
2025-04-12T10:46:40.837
Deferred
CVSSv2: 7.1 (HIGH)
AV:N/AC:M/Au:N/C:N/I:N/A:C
8.6
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | juniper | junos | 13.3 | Yes |
| Operating System | juniper | junos | 13.3 | Yes |
| Operating System | juniper | junos | 13.3 | Yes |
| Operating System | juniper | junos | 14.1 | Yes |
| Operating System | juniper | junos | 14.1 | Yes |
| Operating System | juniper | junos | 14.1 | Yes |
| Operating System | juniper | junos | 14.1 | Yes |
| Operating System | juniper | junos | 14.2 | Yes |
| Operating System | juniper | junos | 14.2 | Yes |
| Hardware | juniper | mx10 | * | No |
| Hardware | juniper | mx104 | * | No |
| Hardware | juniper | mx2010 | * | No |
| Hardware | juniper | mx2020 | * | No |
| Hardware | juniper | mx240 | * | No |
| Hardware | juniper | mx40 | * | No |
| Hardware | juniper | mx480 | * | No |
| Hardware | juniper | mx80 | * | No |
| Hardware | juniper | mx960 | * | No |
| Operating System | juniper | vmx | * | No |