Sign-up

ID

VAR-201412-0213


CVE

CVE-2014-6381


TITLE

Juniper WLC Device WLAN Software Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-007221

DESCRIPTION

Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when "Proxy ARP" or "No Broadcast" features are enabled in a clustered setup, allows remote attackers to cause a denial of service (device disconnect) via unspecified vectors. The Juniper WLC Series is a wireless LAN controller. Juniper WLC Series Devices are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to crash, denying service to legitimate users. The following releases are affected: Juniper WLC devices using releases 8.0, 9.0, and 9.1 of the WLAN software

Trust: 2.52

sources: NVD: CVE-2014-6381 // JVNDB: JVNDB-2014-007221 // CNVD: CNVD-2014-08956 // BID: 71612 // VULHUB: VHN-74325

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-08956

AFFECTED PRODUCTS

vendor:junipermodel:smartpassscope:eqversion:9.0

Trust: 1.6

vendor:junipermodel:mobile system softwarescope:eqversion:8.0.3.6

Trust: 1.6

vendor:junipermodel:ringmasterscope:eqversion:9.0.2.1

Trust: 1.6

vendor:junipermodel:ringmasterscope:eqversion:9.1

Trust: 1.6

vendor:junipermodel:ringmasterscope:eqversion:8.0.2.1

Trust: 1.6

vendor:junipermodel:ringmasterscope:eqversion:8.0.3.2

Trust: 1.6

vendor:junipermodel:ringmasterscope:eqversion:8.0

Trust: 1.6

vendor:junipermodel:smartpassscope:eqversion:9.1

Trust: 1.6

vendor:junipermodel:mobile system softwarescope:eqversion:8.0.2.2

Trust: 1.6

vendor:junipermodel:ringmasterscope:eqversion:9.0

Trust: 1.6

vendor:junipermodel:mobile system softwarescope:eqversion:9.0

Trust: 1.0

vendor:junipermodel:mobile system softwarescope:eqversion:9.1

Trust: 1.0

vendor:junipermodel:mobile system softwarescope:eqversion:9.0.2.5

Trust: 1.0

vendor:junipermodel:smartpassscope:eqversion:8.0.2.1

Trust: 1.0

vendor:junipermodel:smartpassscope:eqversion:8.0.3.1

Trust: 1.0

vendor:junipermodel:mobile system softwarescope:eqversion:8.0

Trust: 1.0

vendor:junipermodel:smartpassscope:eqversion:8.0

Trust: 1.0

vendor:junipermodel:smartpassscope:eqversion:9.1.1

Trust: 0.8

vendor:junipermodel:ringmaster softwarescope:eqversion:9.0.2.11

Trust: 0.8

vendor:junipermodel:mobile system softwarescope:eqversion:9.0.3.5

Trust: 0.8

vendor:junipermodel:mobile system softwarescope:ltversion:9.1.x

Trust: 0.8

vendor:junipermodel:ringmaster softwarescope:ltversion:9.0.x

Trust: 0.8

vendor:junipermodel:smartpassscope:eqversion:9.0.2.11

Trust: 0.8

vendor:junipermodel:smartpassscope:ltversion:9.0.3.x

Trust: 0.8

vendor:junipermodel:smartpassscope:ltversion:9.0.x

Trust: 0.8

vendor:junipermodel:ringmaster softwarescope:ltversion:9.0.3.x

Trust: 0.8

vendor:junipermodel:mobile system softwarescope:eqversion:9.1.1

Trust: 0.8

vendor:junipermodel:smartpassscope:ltversion:8.0.x

Trust: 0.8

vendor:junipermodel:ringmaster softwarescope:ltversion:8.0.x

Trust: 0.8

vendor:junipermodel:mobile system softwarescope:eqversion:9.0.2.11

Trust: 0.8

vendor:junipermodel:ringmaster softwarescope:eqversion:8.0.4

Trust: 0.8

vendor:junipermodel:ringmaster softwarescope:ltversion:9.1.x

Trust: 0.8

vendor:junipermodel:smartpassscope:ltversion:9.1.x

Trust: 0.8

vendor:junipermodel:smartpassscope:eqversion:8.0.4

Trust: 0.8

vendor:junipermodel:mobile system softwarescope:ltversion:9.0.x

Trust: 0.8

vendor:junipermodel:ringmaster softwarescope:eqversion:9.0.3.5

Trust: 0.8

vendor:junipermodel:mobile system softwarescope:ltversion:9.0.3.x

Trust: 0.8

vendor:junipermodel:smartpassscope:eqversion:9.0.3.5

Trust: 0.8

vendor:junipermodel:ringmaster softwarescope:eqversion:9.1.1

Trust: 0.8

vendor:junipermodel:mobile system softwarescope:ltversion:8.0.x

Trust: 0.8

vendor:junipermodel:mobile system softwarescope:eqversion:8.0.4

Trust: 0.8

vendor:junipermodel:wlc seriesscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2014-08956 // JVNDB: JVNDB-2014-007221 // CNNVD: CNNVD-201412-311 // NVD: CVE-2014-6381

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-6381
value: LOW

Trust: 1.0

NVD: CVE-2014-6381
value: LOW

Trust: 0.8

CNVD: CNVD-2014-08956
value: LOW

Trust: 0.6

CNNVD: CNNVD-201412-311
value: LOW

Trust: 0.6

VULHUB: VHN-74325
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2014-6381
severity: LOW
baseScore: 2.9
vectorString: AV:A/AC:M/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 5.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-08956
severity: LOW
baseScore: 2.9
vectorString: AV:A/AC:M/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 5.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-74325
severity: LOW
baseScore: 2.9
vectorString: AV:A/AC:M/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 5.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2014-08956 // VULHUB: VHN-74325 // JVNDB: JVNDB-2014-007221 // CNNVD: CNNVD-201412-311 // NVD: CVE-2014-6381

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-74325 // JVNDB: JVNDB-2014-007221 // NVD: CVE-2014-6381

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201412-311

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201412-311

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-007221

PATCH
title:JSA10662url:https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10662
Trust: 0.8
title:Juniper WLC Series Devices Patch for Denial of Service Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/52902
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-08956 // 
            
            
            
            JVNDB: JVNDB-2014-007221

EXTERNAL IDS
db:NVDid:CVE-2014-6381
Trust: 3.4
db:BIDid:71612
Trust: 2.6
db:JUNIPERid:JSA10662
Trust: 2.3
db:SECTRACKid:1031360
Trust: 1.7
db:JVNDBid:JVNDB-2014-007221
Trust: 0.8
db:CNNVDid:CNNVD-201412-311
Trust: 0.7
db:CNVDid:CNVD-2014-08956
Trust: 0.6
db:VULHUBid:VHN-74325
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-08956 // 
            
            
            
            VULHUB: VHN-74325 // 
            
            
            
            BID: 71612 // 
            
            
            
            JVNDB: JVNDB-2014-007221 // 
            
            
            
            CNNVD: CNNVD-201412-311 // 
            
            
            
            NVD: CVE-2014-6381

REFERENCES
url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10662
Trust: 2.2
url:http://www.securityfocus.com/bid/71612
Trust: 1.7
url:http://www.securitytracker.com/id/1031360
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6381
Trust: 0.8
url:https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-6381
Trust: 0.8
url:https://kb.juniper.net/infocenter/index?page=content&id=jsa10662
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-08956 // 
            
            
            
            VULHUB: VHN-74325 // 
            
            
            
            JVNDB: JVNDB-2014-007221 // 
            
            
            
            CNNVD: CNNVD-201412-311 // 
            
            
            
            NVD: CVE-2014-6381

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 71612

SOURCES
db:CNVDid:CNVD-2014-08956
db:VULHUBid:VHN-74325
db:BIDid:71612
db:JVNDBid:JVNDB-2014-007221
db:CNNVDid:CNNVD-201412-311
db:NVDid:CVE-2014-6381

LAST UPDATE DATE
2025-04-13T23:36:30.138000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-08956date:2014-12-17T00:00:00
db:VULHUBid:VHN-74325date:2014-12-16T00:00:00
db:BIDid:71612date:2014-12-11T00:00:00
db:JVNDBid:JVNDB-2014-007221date:2014-12-17T00:00:00
db:CNNVDid:CNNVD-201412-311date:2014-12-15T00:00:00
db:NVDid:CVE-2014-6381date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2014-08956date:2014-12-17T00:00:00
db:VULHUBid:VHN-74325date:2014-12-12T00:00:00
db:BIDid:71612date:2014-12-11T00:00:00
db:JVNDBid:JVNDB-2014-007221date:2014-12-17T00:00:00
db:CNNVDid:CNNVD-201412-311date:2014-12-12T00:00:00
db:NVDid:CVE-2014-6381date:2014-12-12T15:59:03.057