PT-2014-3714 · Juniper Networks · Junos

Published

2014-01-11

Updated

2017-08-29

CVE-2014-0618

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Juniper Junos versions prior to 10.4R16 Juniper Junos versions prior to 11.4R8 Juniper Junos versions prior to 12.1R7 Juniper Junos versions prior to 12.1X44-D20 Juniper Junos versions prior to 12.1X45-D10

Description The issue allows remote attackers to cause a denial of service via a crafted HTTP message when the Juniper Junos is used as a UAC enforcer and captive portal is enabled, resulting in a flowd crash.

Recommendations For versions prior to 10.4R16, update to 10.4R16 or later. For versions prior to 11.4R8, update to 11.4R8 or later. For versions prior to 12.1R7, update to 12.1R7 or later. For versions prior to 12.1X44-D20, update to 12.1X44-D20 or later. For versions prior to 12.1X45-D10, update to 12.1X45-D10 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2014-0618

Affected Products

Junos

PT-2014-3714 · Juniper Networks · Junos

CVE-2014-0618

Related Identifiers

Affected Products

References · 6