CVE-2014-6380 (GCVE-0-2014-6380)
Vulnerability from cvelistv5
Published
2014-10-14 14:00
Modified
2024-08-06 12:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, 12.1X45 before D20, 12.1X46 before D15, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D15, 13.2X52 before D15, 13.3 before R1, when using an em interface to connect to a certain internal network, allows remote attackers to cause a denial of service (em driver bock and FPC reset or "go offline") via a series of crafted (1) CLNP fragmented packets, when clns-routing or ESIS is configured, or (2) IPv4 or (3) IPv6 fragmented packets.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:17:22.286Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10655"
},
{
"name": "70369",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70369"
},
{
"name": "1031011",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031011"
},
{
"name": "juniper-junos-cve20146380-dos(96904)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96904"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, 12.1X45 before D20, 12.1X46 before D15, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D15, 13.2X52 before D15, 13.3 before R1, when using an em interface to connect to a certain internal network, allows remote attackers to cause a denial of service (em driver bock and FPC reset or \"go offline\") via a series of crafted (1) CLNP fragmented packets, when clns-routing or ESIS is configured, or (2) IPv4 or (3) IPv6 fragmented packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10655"
},
{
"name": "70369",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70369"
},
{
"name": "1031011",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031011"
},
{
"name": "juniper-junos-cve20146380-dos(96904)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96904"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, 12.1X45 before D20, 12.1X46 before D15, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D15, 13.2X52 before D15, 13.3 before R1, when using an em interface to connect to a certain internal network, allows remote attackers to cause a denial of service (em driver bock and FPC reset or \"go offline\") via a series of crafted (1) CLNP fragmented packets, when clns-routing or ESIS is configured, or (2) IPv4 or (3) IPv6 fragmented packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10655",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10655"
},
{
"name": "70369",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70369"
},
{
"name": "1031011",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031011"
},
{
"name": "juniper-junos-cve20146380-dos(96904)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96904"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-6380",
"datePublished": "2014-10-14T14:00:00",
"dateReserved": "2014-09-11T00:00:00",
"dateUpdated": "2024-08-06T12:17:22.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2014-6380\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-10-14T14:55:06.460\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, 12.1X45 before D20, 12.1X46 before D15, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4, 13.1X49 before D55, 13.1X50 before D30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D15, 13.2X52 before D15, 13.3 before R1, when using an em interface to connect to a certain internal network, allows remote attackers to cause a denial of service (em driver bock and FPC reset or \\\"go offline\\\") via a series of crafted (1) CLNP fragmented packets, when clns-routing or ESIS is configured, or (2) IPv4 or (3) IPv6 fragmented packets.\"},{\"lang\":\"es\",\"value\":\"Juniper Junos 11.4 anterior a R11, 12.1 anterior a R9, 12.1X44 anterior a D30, 12.1X45 anterior a D20, 12.1X46 anterior a D15, 12.1X47 anterior a D10, 12.2 anterior a R8, 12.2X50 anterior a D70, 12.3 anterior a R6, 13.1 anterior a R4, 13.1X49 anterior a D55, 13.1X50 anterior a D30, 13.2 anterior a R4, 13.2X50 anterior a D20, 13.2X51 anterior a D15, 13.2X52 anterior a D15, 13.3 anterior a R1, cuando utiliza una interfaz em para conectar con cierta red interna, permite a atacantes remotos causar una denegaci\u00f3n de servicio (reconfiguraci\u00f3n del controlador em bock y FPC o \u0027salir fuera de l\u00ednea\u0027) a trav\u00e9s de una serie de (1) paquetes fragmentados CLNP manipulados, cuando clns-routing o ESIS est\u00e1 configurado, o (2) paquetes fragmentados IPv4 o (3) paquetes fragmentados IPv6.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41543223-0FA9-4CBE-8DEC-717CE5FFED79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B40B8FD6-A597-4845-8E8E-63EFDF606006\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECE31A7E-657C-49FC-B3F8-5654B0C6087E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B307477-C5F2-4D98-AF4C-640D326164C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E747970-4C27-4B46-9163-964252CB98F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFB89F64-16BB-4A14-9084-B338668D7FF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BB3DE56-1B04-4A53-B4A4-93286FC98463\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FB9541A-2570-459A-87D6-5341C67B8EC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.2x50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0684A88-6BBE-4F7E-A79A-AF8244241E8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E014A0D-0054-4EBA-BA1F-035B74BD822F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71FB12AC-DB5A-444A-81E0-C0DDD06810EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.1x49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C71D3BA8-DA7D-46EF-8E2C-63DD630B7A48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.1x50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"016DCFD8-9E72-4857-AE98-42F7BB581903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAB7D840-9469-4CE2-8DBF-017A44741374\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2x50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14ED6898-86EC-484F-9ACB-0485B0DECDC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2x51:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B73BE56-F298-4EC5-88A3-D9808B89B63B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.2x52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E69CA1E9-4416-4DEC-BF97-C22C615385BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:13.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4AF5DAA-62F5-491F-A9CE-098970671D43\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/70369\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1031011\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/96904\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10655\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/70369\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1031011\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/96904\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10655\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…