CVE-2014-6447

Name of the Vulnerable Software and Affected Versions Juniper Junos OS versions 12.1X44 through 12.1X44-D45 Juniper Junos OS versions 12.1X46 through 12.1X46-D30 Juniper Junos OS versions 12.1X47 through 12.1X47-D20 Juniper Junos OS versions 12.3 through 12.3R8 Juniper Junos OS versions 12.3X48 through 12.3X48-D10 Juniper Junos OS versions 13.1 through 13.1R5 Juniper Junos OS versions 13.2 through 13.2R6 Juniper Junos OS versions 13.3 through 13.3R4 Juniper Junos OS versions 14.1 through 14.1R3 Juniper Junos OS versions 14.1X53 through 14.1X53-D10 Juniper Junos OS versions 14.2 through 14.2R1 Juniper Junos OS versions 15.1 through 15.1R1

Description Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service, resulting in a denial of service (DoS).

Recommendations For Juniper Junos OS versions 12.1X44 through 12.1X44-D45, update to version 12.1X44-D45 or later. For Juniper Junos OS versions 12.1X46 through 12.1X46-D30, update to version 12.1X46-D30 or later. For Juniper Junos OS versions 12.1X47 through 12.1X47-D20, update to version 12.1X47-D20 or later. For Juniper Junos OS versions 12.3 through 12.3R8, update to version 12.3R8 or later. For Juniper Junos OS versions 12.3X48 through 12.3X48-D10, update to version 12.3X48-D10 or later. For Juniper Junos OS versions 13.1 through 13.1R5, update to version 13.1R5 or later. For Juniper Junos OS versions 13.2 through 13.2R6, update to version 13.2R6 or later. For Juniper Junos OS versions 13.3 through 13.3R4, update to version 13.3R4 or later. For Juniper Junos OS versions 14.1 through 14.1R3, update to version 14.1R3 or later. For Juniper Junos OS versions 14.1X53 through 14.1X53-D10, update to version 14.1X53-D10 or later. For Juniper Junos OS versions 14.2 through 14.2R1, update to version 14.2R1 or later. For Juniper Junos OS versions 15.1 through 15.1R1, update to version 15.1R1 or later.