Sign-up

ID

VAR-201410-0931


CVE

CVE-2014-6380


TITLE

Juniper Junos Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-004860

DESCRIPTION

Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, 12.1X45 before D20, 12.1X46 before D15, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D15, 13.2X52 before D15, 13.3 before R1, when using an em interface to connect to a certain internal network, allows remote attackers to cause a denial of service (em driver bock and FPC reset or "go offline") via a series of crafted (1) CLNP fragmented packets, when clns-routing or ESIS is configured, or (2) IPv4 or (3) IPv6 fragmented packets. Juniper Junos is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to crash, denying service to legitimate users. Juniper Junos is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware system. The operating system provides a secure programming interface and Junos SDK. The following versions are affected: Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, 12.1X45 before D20, 12.1X46 before D15, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70 Version, 12.3 before R6, 13.1 before R4, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D15, 13.2X52 before D15, 13.3 before R1 Version

Trust: 1.98

sources: NVD: CVE-2014-6380 // JVNDB: JVNDB-2014-004860 // BID: 70369 // VULHUB: VHN-74324

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:12.1x47

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:12.1

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:11.4

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:13.2x52

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:13.3

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:13.2x51

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:12.1x44

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:12.1x46

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:12.1x45

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:12.1r

Trust: 1.6

vendor:junipermodel:junosscope:eqversion:13.1x49

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:12.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:12.2x50

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:13.2x50

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:13.1x50

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:12.3

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:13.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:13.2

Trust: 1.0

vendor:junipermodel:junos osscope:eqversion:13.2x52-d15

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.2r8

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.2x50-d70

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.1x44

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.1x44-d30

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:13.1x49

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:13.1x50-d30

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:11.4

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.3

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:13.3r1

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:13.3

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:13.2

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.1x45-d20

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:13.1

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.1r9

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.1x45

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:13.2x50

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:13.1x49-d55

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:13.1x50

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.1x46

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.2

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:13.2x52

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.1x47

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.1x47-d10

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:11.4r11

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.2x50

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:13.1r4

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:13.2x51-d15

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.1x46-d15

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:12.3r6

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:13.2x51

Trust: 0.8

vendor:junipermodel:junos osscope:ltversion:12.1

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:13.2r4

Trust: 0.8

vendor:junipermodel:junos osscope:eqversion:13.2x50-d20

Trust: 0.8

sources: JVNDB: JVNDB-2014-004860 // CNNVD: CNNVD-201410-263 // NVD: CVE-2014-6380

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-6380
value: HIGH

Trust: 1.0

NVD: CVE-2014-6380
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201410-263
value: HIGH

Trust: 0.6

VULHUB: VHN-74324
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-6380
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-74324
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-74324 // JVNDB: JVNDB-2014-004860 // CNNVD: CNNVD-201410-263 // NVD: CVE-2014-6380

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2014-004860 // NVD: CVE-2014-6380

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201410-263

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 70369

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-004860

PATCH
title:JSA10655url:https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10655
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2014-004860

EXTERNAL IDS
db:NVDid:CVE-2014-6380
Trust: 2.8
db:JUNIPERid:JSA10655
Trust: 2.0
db:BIDid:70369
Trust: 1.4
db:SECTRACKid:1031011
Trust: 1.1
db:JVNDBid:JVNDB-2014-004860
Trust: 0.8
db:CNNVDid:CNNVD-201410-263
Trust: 0.6
db:VULHUBid:VHN-74324
Trust: 0.1
sources:
            
            
            VULHUB: VHN-74324 // 
            
            
            
            BID: 70369 // 
            
            
            
            JVNDB: JVNDB-2014-004860 // 
            
            
            
            CNNVD: CNNVD-201410-263 // 
            
            
            
            NVD: CVE-2014-6380

REFERENCES
url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10655
Trust: 1.6
url:http://www.securityfocus.com/bid/70369
Trust: 1.1
url:http://www.securitytracker.com/id/1031011
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/96904
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6380
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-6380
Trust: 0.8
url:http://www.juniper.net/
Trust: 0.3
url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10655&cat=sirt_1&actp=list
Trust: 0.3
url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10655
Trust: 0.1
sources:
            
            
            VULHUB: VHN-74324 // 
            
            
            
            BID: 70369 // 
            
            
            
            JVNDB: JVNDB-2014-004860 // 
            
            
            
            CNNVD: CNNVD-201410-263 // 
            
            
            
            NVD: CVE-2014-6380

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 70369

SOURCES
db:VULHUBid:VHN-74324
db:BIDid:70369
db:JVNDBid:JVNDB-2014-004860
db:CNNVDid:CNNVD-201410-263
db:NVDid:CVE-2014-6380

LAST UPDATE DATE
2025-04-13T23:25:21.871000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-74324date:2017-09-08T00:00:00
db:BIDid:70369date:2014-10-09T00:00:00
db:JVNDBid:JVNDB-2014-004860date:2014-10-21T00:00:00
db:CNNVDid:CNNVD-201410-263date:2014-10-16T00:00:00
db:NVDid:CVE-2014-6380date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-74324date:2014-10-14T00:00:00
db:BIDid:70369date:2014-10-09T00:00:00
db:JVNDBid:JVNDB-2014-004860date:2014-10-21T00:00:00
db:CNNVDid:CNNVD-201410-263date:2014-10-15T00:00:00
db:NVDid:CVE-2014-6380date:2014-10-14T14:55:06.460