CVE-2014-3825

The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.securitytracker.com/id/1031007
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10650	Vendor Advisory
http://www.securitytracker.com/id/1031007
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10650	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:juniper:junos:11.4:::::::*
	cpe:2.3:o:juniper:junos:12.1:::::::*
	cpe:2.3:o:juniper:junos:12.1x44:::::::*
	cpe:2.3:o:juniper:junos:12.1x45:::::::*
	cpe:2.3:o:juniper:junos:12.1x46:::::::*
	cpe:2.3:o:juniper:junos:12.1x47:::::::*

OR	cpe:2.3:h:juniper:srx100:-:::::::*
	cpe:2.3:h:juniper:srx110:-:::::::*
	cpe:2.3:h:juniper:srx1400:-:::::::*
	cpe:2.3:h:juniper:srx210:-:::::::*
	cpe:2.3:h:juniper:srx220:-:::::::*
	cpe:2.3:h:juniper:srx240:-:::::::*
	cpe:2.3:h:juniper:srx3400:-:::::::*
	cpe:2.3:h:juniper:srx3600:-:::::::*
	cpe:2.3:h:juniper:srx550:-:::::::*
	cpe:2.3:h:juniper:srx5600:-:::::::*
	cpe:2.3:h:juniper:srx5800:-:::::::*
	cpe:2.3:h:juniper:srx650:-:::::::*

History

21 Nov 2024, 02:08

Type	Values Removed	Values Added
References	~~() http://www.securitytracker.com/id/1031007 -~~	() http://www.securitytracker.com/id/1031007 -
References	~~() https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10650 - Vendor Advisory~~	() https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10650 - Vendor Advisory

Information

Published : 2014-10-14 14:55

Updated : 2024-11-21 02:08

NVD link : CVE-2014-3825

Mitre link : CVE-2014-3825

CVE.ORG link : CVE-2014-3825

JSON object : View

Products Affected

juniper

srx100
srx1400
srx220
srx3400
srx110
srx3600
srx240
srx650
srx210
junos
srx5600
srx5800
srx550

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2014-3825", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-10-14T14:55:05.070", "references": [{"url": "http://www.securitytracker.com/id/1031007", "source": "cve@mitre.org"}, {"url": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10650", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1031007", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10650", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet."}, {"lang": "es", "value": "Los dispositivos de la serie Juniper SRX con Junos 11.4 anterior a 11.4R12-S4, 12.1X44 anterior a 12.1X44-D40, 12.1X45 anterior a 12.1X45-D30, 12.1X46 anterior a 12.1X46-D25, y 12.1X47 anterior a 12.1X47-D10, cuando un m\u00f3dulo Application Layer Gateway (ALG) est\u00e1 habilitado, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de flowd) a trav\u00e9s de un paquete manipulado."}], "lastModified": "2024-11-21T02:08:55.970", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41543223-0FA9-4CBE-8DEC-717CE5FFED79"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B40B8FD6-A597-4845-8E8E-63EFDF606006"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B307477-C5F2-4D98-AF4C-640D326164C7"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x45:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E747970-4C27-4B46-9163-964252CB98F6"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFB89F64-16BB-4A14-9084-B338668D7FF1"}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BB3DE56-1B04-4A53-B4A4-93286FC98463"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC"}, {"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317"}, {"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30"}, {"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED"}, {"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321"}, {"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2"}, {"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D"}, {"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC"}, {"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801"}, {"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710"}, {"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B"}, {"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}