fkie_cve-2014-0613
Vulnerability from fkie_nvd
Published
2014-01-15 16:08
Modified
2025-04-11 00:51
Severity ?
Summary
The XNM command processor in Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R5, 13.1 before 13.1R3-S1, 13.2 before 13.2R2-S2, and 13.3 before 13.3R1, when xnm-ssl or xnm-clear-text is enabled, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
References
cve@mitre.orghttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10607Vendor Advisory
cve@mitre.orghttp://osvdb.org/101861
cve@mitre.orghttp://www.securitytracker.com/id/1029586
af854a3a-2127-422b-91ae-364da2661108http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10607Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/101861
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1029586
Impacted products
Vendor Product Version
juniper junos 10.4
juniper junos 11.4
juniper junos 12.1r
juniper junos 12.1x44
juniper junos 12.1x45
juniper junos 12.1x46
juniper junos 12.2
juniper junos 12.3
juniper junos 13.1
juniper junos 13.2
juniper junos 13.3


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C2DA1E-12A7-4018-92CE-7621FC278025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "41543223-0FA9-4CBE-8DEC-717CE5FFED79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1r:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE31A7E-657C-49FC-B3F8-5654B0C6087E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B307477-C5F2-4D98-AF4C-640D326164C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x45:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E747970-4C27-4B46-9163-964252CB98F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFB89F64-16BB-4A14-9084-B338668D7FF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FB9541A-2570-459A-87D6-5341C67B8EC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E014A0D-0054-4EBA-BA1F-035B74BD822F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "71FB12AC-DB5A-444A-81E0-C0DDD06810EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAB7D840-9469-4CE2-8DBF-017A44741374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:13.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4AF5DAA-62F5-491F-A9CE-098970671D43",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The XNM command processor in Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R5, 13.1 before 13.1R3-S1, 13.2 before 13.2R2-S2, and 13.3 before 13.3R1, when xnm-ssl or xnm-clear-text is enabled, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "El procesador de comandos XNM en Juniper Junos 10.4 anteriores a 10.4R16, 11.4 anteriores a 11.4R10, 12.1R anteriores a 12.1R8-S2, 12.X44 anteriores a 12.1X44-D30, 12.1X45 anteriores a 12.X45-D20, 12.1X46 anteriores a 12.1X46-D10, 12.2 anteriores a 12.2R7, 12.3 anteriores a 12.3R5, 13.1 anteriores a 13.1R3-S1, 13.2 anteriores a 13.2R2-S2, y 13.3 anteriores a 13.3R1, cuando xnml-ssl o xnm-clear-text est\u00e1 activo, permite a atacantes remotos causar denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2014-0613",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-01-15T16:08:04.157",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/101861"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1029586"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/101861"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1029586"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.