PT-2014-5524 · Juniper Networks · Junos

Published

2014-07-11

Updated

2014-08-01

CVE-2014-3817

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Juniper Junos versions 11.4 before 11.4R12 Juniper Junos versions 12.1X44 before 12.1X44-D32 Juniper Junos versions 12.1X45 before 12.1X45-D25 Juniper Junos versions 12.1X46 before 12.1X46-D20 Juniper Junos versions 12.1X47 before 12.1X47-D10

Description The issue allows remote attackers to cause a denial of service, resulting in a flowd hang or crash, via a crafted packet when NAT protocol translation from IPv4 to IPv6 is enabled on SRX Series devices.

Recommendations For Juniper Junos version 11.4, update to 11.4R12 or later. For Juniper Junos version 12.1X44, update to 12.1X44-D32 or later. For Juniper Junos version 12.1X45, update to 12.1X45-D25 or later. For Juniper Junos version 12.1X46, update to 12.1X46-D20 or later. For Juniper Junos version 12.1X47, update to 12.1X47-D10 or later.

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2014-3817

Affected Products

Junos

PT-2014-5524 · Juniper Networks · Junos

CVE-2014-3817

Weakness Enumeration

Related Identifiers

Affected Products

References · 5