CVE-2015-5363

The SRX Network Security Daemon (nsd) in Juniper SRX Series services gateways with Junos 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, and 12.3X48 before 12.3X48-D15 allows remote DNS servers to cause a denial of service (crash) via a crafted DNS response.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10692	Vendor Advisory
http://www.securitytracker.com/id/1032848
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10692	Vendor Advisory
http://www.securitytracker.com/id/1032848

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:juniper:junos:12.1x44:::::::*
	cpe:2.3:o:juniper:junos:12.1x44:d10::::::
	cpe:2.3:o:juniper:junos:12.1x44:d15::::::
	cpe:2.3:o:juniper:junos:12.1x44:d20::::::
	cpe:2.3:o:juniper:junos:12.1x44:d25::::::
	cpe:2.3:o:juniper:junos:12.1x44:d30::::::
	cpe:2.3:o:juniper:junos:12.1x44:d35::::::
	cpe:2.3:o:juniper:junos:12.1x44:d40::::::
	cpe:2.3:o:juniper:junos:12.1x44:d45::::::
	cpe:2.3:o:juniper:junos:12.1x46:::::::*
	cpe:2.3:o:juniper:junos:12.1x46:d10::::::
	cpe:2.3:o:juniper:junos:12.1x46:d15::::::
	cpe:2.3:o:juniper:junos:12.1x46:d20::::::
	cpe:2.3:o:juniper:junos:12.1x46:d25::::::
	cpe:2.3:o:juniper:junos:12.1x46:d30::::::
	cpe:2.3:o:juniper:junos:12.1x47:::::::*
	cpe:2.3:o:juniper:junos:12.1x47:d10::::::
	cpe:2.3:o:juniper:junos:12.1x47:d15::::::
	cpe:2.3:o:juniper:junos:12.1x47:d20::::::
	cpe:2.3:o:juniper:junos:12.3x48:::::::*
	cpe:2.3:o:juniper:junos:12.3x48:d10::::::
	cpe:2.3:o:juniper:junos:12.3x48:d5::::::

OR	cpe:2.3:h:juniper:srx100:-:::::::*
	cpe:2.3:h:juniper:srx110:-:::::::*
	cpe:2.3:h:juniper:srx1400:-:::::::*
	cpe:2.3:h:juniper:srx210:-:::::::*
	cpe:2.3:h:juniper:srx220:-:::::::*
	cpe:2.3:h:juniper:srx240:-:::::::*
	cpe:2.3:h:juniper:srx3400:-:::::::*
	cpe:2.3:h:juniper:srx3600:-:::::::*
	cpe:2.3:h:juniper:srx5400:-:::::::*
	cpe:2.3:h:juniper:srx550:-:::::::*
	cpe:2.3:h:juniper:srx5600:-:::::::*
	cpe:2.3:h:juniper:srx5800:-:::::::*
	cpe:2.3:h:juniper:srx650:-:::::::*

History

21 Nov 2024, 02:32

Type	Values Removed	Values Added
References	~~() http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10692 - Vendor Advisory~~	() http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10692 - Vendor Advisory
References	~~() http://www.securitytracker.com/id/1032848 -~~	() http://www.securitytracker.com/id/1032848 -

Information

Published : 2015-07-16 14:59

Updated : 2024-11-21 02:32

NVD link : CVE-2015-5363

Mitre link : CVE-2015-5363

CVE.ORG link : CVE-2015-5363

JSON object : View

Products Affected

juniper

srx100
srx1400
srx220
srx3400
srx110
srx3600
srx240
srx650
srx210
junos
srx5600
srx5800
srx5400
srx550

CWE

CWE-19

Data Processing Errors

5.0 /10