cvelistv5 - cve-2014-3825

CVE-2014-3825 (GCVE-0-2014-3825)

Vulnerability from cvelistv5 – Published: 2014-10-14 14:00 – Updated: 2024-08-06 10:57

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://kb.juniper.net/InfoCenter/index?page=cont…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1031007	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:57:17.053Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650"
          },
          {
            "name": "1031007",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1031007"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-10-27T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650"
        },
        {
          "name": "1031007",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1031007"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-3825",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650"
            },
            {
              "name": "1031007",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1031007"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-3825",
    "datePublished": "2014-10-14T14:00:00",
    "dateReserved": "2014-05-21T00:00:00",
    "dateUpdated": "2024-08-06T10:57:17.053Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41543223-0FA9-4CBE-8DEC-717CE5FFED79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B40B8FD6-A597-4845-8E8E-63EFDF606006\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B307477-C5F2-4D98-AF4C-640D326164C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x45:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E747970-4C27-4B46-9163-964252CB98F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CFB89F64-16BB-4A14-9084-B338668D7FF1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0BB3DE56-1B04-4A53-B4A4-93286FC98463\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"561C1113-3D59-4DD9-ADA7-3C9ECC4632EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"927EAB8B-EC3B-4B12-85B9-5517EBA49A30\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD647C15-A686-4C8F-A766-BC29404C0FED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45AB1622-1AED-4CD7-98F1-67779CDFC321\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89276D88-3B8D-4168-A2CD-0920297485F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"746C3882-2A5B-4215-B259-EB1FD60C513D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62FC145A-D477-4C86-89E7-F70F52773801\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68CA098D-CBE4-4E62-9EC0-43E1B6098710\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66F474D4-79B6-4525-983C-9A9011BD958B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AA424D4-4DBF-4E8C-96B8-E37741B5403E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet.\"}, {\"lang\": \"es\", \"value\": \"Los dispositivos de la serie Juniper SRX con Junos 11.4 anterior a 11.4R12-S4, 12.1X44 anterior a 12.1X44-D40, 12.1X45 anterior a 12.1X45-D30, 12.1X46 anterior a 12.1X46-D25, y 12.1X47 anterior a 12.1X47-D10, cuando un m\\u00f3dulo Application Layer Gateway (ALG) est\\u00e1 habilitado, permite a atacantes remotos causar una denegaci\\u00f3n de servicio (ca\\u00edda de flowd) a trav\\u00e9s de un paquete manipulado.\"}]",
      "id": "CVE-2014-3825",
      "lastModified": "2024-11-21T02:08:55.970",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2014-10-14T14:55:05.070",
      "references": "[{\"url\": \"http://www.securitytracker.com/id/1031007\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1031007\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-3825\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-10-14T14:55:05.070\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet.\"},{\"lang\":\"es\",\"value\":\"Los dispositivos de la serie Juniper SRX con Junos 11.4 anterior a 11.4R12-S4, 12.1X44 anterior a 12.1X44-D40, 12.1X45 anterior a 12.1X45-D30, 12.1X46 anterior a 12.1X46-D25, y 12.1X47 anterior a 12.1X47-D10, cuando un m\u00f3dulo Application Layer Gateway (ALG) est\u00e1 habilitado, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de flowd) a trav\u00e9s de un paquete manipulado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41543223-0FA9-4CBE-8DEC-717CE5FFED79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B40B8FD6-A597-4845-8E8E-63EFDF606006\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B307477-C5F2-4D98-AF4C-640D326164C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E747970-4C27-4B46-9163-964252CB98F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFB89F64-16BB-4A14-9084-B338668D7FF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BB3DE56-1B04-4A53-B4A4-93286FC98463\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"561C1113-3D59-4DD9-ADA7-3C9ECC4632EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"927EAB8B-EC3B-4B12-85B9-5517EBA49A30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD647C15-A686-4C8F-A766-BC29404C0FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45AB1622-1AED-4CD7-98F1-67779CDFC321\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89276D88-3B8D-4168-A2CD-0920297485F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"746C3882-2A5B-4215-B259-EB1FD60C513D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62FC145A-D477-4C86-89E7-F70F52773801\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68CA098D-CBE4-4E62-9EC0-43E1B6098710\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66F474D4-79B6-4525-983C-9A9011BD958B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AA424D4-4DBF-4E8C-96B8-E37741B5403E\"}]}]}],\"references\":[{\"url\":\"http://www.securitytracker.com/id/1031007\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1031007\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GHSA-9R63-C76G-W755

Vulnerability from github – Published: 2022-05-17 04:03 – Updated: 2022-05-17 04:03

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-3825"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-10-14T14:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet.",
  "id": "GHSA-9r63-c76g-w755",
  "modified": "2022-05-17T04:03:04Z",
  "published": "2022-05-17T04:03:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3825"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1031007"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2014-3825

Vulnerability from fkie_nvd - Published: 2014-10-14 14:55 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://www.securitytracker.com/id/1031007
cve@mitre.org	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10650	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1031007
af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10650	Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	junos	11.4
juniper	junos	12.1
juniper	junos	12.1x44
juniper	junos	12.1x45
juniper	junos	12.1x46
juniper	junos	12.1x47
juniper	srx100	-
juniper	srx110	-
juniper	srx1400	-
juniper	srx210	-
juniper	srx220	-
juniper	srx240	-
juniper	srx3400	-
juniper	srx3600	-
juniper	srx550	-
juniper	srx5600	-
juniper	srx5800	-
juniper	srx650	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "41543223-0FA9-4CBE-8DEC-717CE5FFED79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B40B8FD6-A597-4845-8E8E-63EFDF606006",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B307477-C5F2-4D98-AF4C-640D326164C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x45:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E747970-4C27-4B46-9163-964252CB98F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFB89F64-16BB-4A14-9084-B338668D7FF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BB3DE56-1B04-4A53-B4A4-93286FC98463",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet."
    },
    {
      "lang": "es",
      "value": "Los dispositivos de la serie Juniper SRX con Junos 11.4 anterior a 11.4R12-S4, 12.1X44 anterior a 12.1X44-D40, 12.1X45 anterior a 12.1X45-D30, 12.1X46 anterior a 12.1X46-D25, y 12.1X47 anterior a 12.1X47-D10, cuando un m\u00f3dulo Application Layer Gateway (ALG) est\u00e1 habilitado, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de flowd) a trav\u00e9s de un paquete manipulado."
    }
  ],
  "id": "CVE-2014-3825",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-10-14T14:55:05.070",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1031007"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031007"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2014-3825

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-3825

Aliases

CVE-2014-3825

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-3825",
    "description": "The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet.",
    "id": "GSD-2014-3825"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-3825"
      ],
      "details": "The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet.",
      "id": "GSD-2014-3825",
      "modified": "2023-12-13T01:22:53.403360Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2014-3825",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650",
            "refsource": "CONFIRM",
            "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650"
          },
          {
            "name": "1031007",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1031007"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x45:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-3825"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650"
            },
            {
              "name": "1031007",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1031007"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2015-11-05T16:22Z",
      "publishedDate": "2014-10-14T14:55Z"
    }
  }
}

CERTFR-2014-AVI-412

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	Junos OS	Junos OS 11
Juniper Networks	N/A	JunosE 14
Juniper Networks	Junos OS	Junos OS 13
Juniper Networks	N/A	JunosE 13
Juniper Networks	N/A	JunosE 15
Juniper Networks	Junos OS	Junos OS 12
Juniper Networks	Junos OS	Junos OS 14

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10650 du 08 octobre 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10652 du 08 octobre 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10651 du 08 octobre 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10649 du 08 octobre 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10653 du 08 octobre 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10655 du 08 octobre 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10654 du 08 octobre 2014	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS 11",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "JunosE 14",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS 13",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "JunosE 13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "JunosE 15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS 12",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS 14",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-6378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6378"
    },
    {
      "name": "CVE-2014-6379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6379"
    },
    {
      "name": "CVE-2014-3509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3509"
    },
    {
      "name": "CVE-2014-3512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3512"
    },
    {
      "name": "CVE-2014-5139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5139"
    },
    {
      "name": "CVE-2014-6377",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6377"
    },
    {
      "name": "CVE-2014-3825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3825"
    },
    {
      "name": "CVE-2014-6380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6380"
    },
    {
      "name": "CVE-2014-3511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3511"
    },
    {
      "name": "CVE-2014-3818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3818"
    }
  ],
  "links": [],
  "reference": "CERTFR-2014-AVI-412",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-10-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eJuniper\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10650 du 08 octobre 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10652 du 08 octobre 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10652"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10651 du 08 octobre 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10651"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10649 du 08 octobre 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10649"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10653 du 08 octobre 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10653"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10655 du 08 octobre 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10655"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10654 du 08 octobre 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10654"
    }
  ]
}

CERTFR-2014-AVI-412

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	Junos OS	Junos OS 11
Juniper Networks	N/A	JunosE 14
Juniper Networks	Junos OS	Junos OS 13
Juniper Networks	N/A	JunosE 13
Juniper Networks	N/A	JunosE 15
Juniper Networks	Junos OS	Junos OS 12
Juniper Networks	Junos OS	Junos OS 14

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10650 du 08 octobre 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10652 du 08 octobre 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10651 du 08 octobre 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10649 du 08 octobre 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10653 du 08 octobre 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10655 du 08 octobre 2014	None	vendor-advisory
Bulletin de sécurité Juniper JSA10654 du 08 octobre 2014	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS 11",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "JunosE 14",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS 13",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "JunosE 13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "JunosE 15",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS 12",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS 14",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-6378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6378"
    },
    {
      "name": "CVE-2014-6379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6379"
    },
    {
      "name": "CVE-2014-3509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3509"
    },
    {
      "name": "CVE-2014-3512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3512"
    },
    {
      "name": "CVE-2014-5139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5139"
    },
    {
      "name": "CVE-2014-6377",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6377"
    },
    {
      "name": "CVE-2014-3825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3825"
    },
    {
      "name": "CVE-2014-6380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6380"
    },
    {
      "name": "CVE-2014-3511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3511"
    },
    {
      "name": "CVE-2014-3818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3818"
    }
  ],
  "links": [],
  "reference": "CERTFR-2014-AVI-412",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-10-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eJuniper\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10650 du 08 octobre 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10650"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10652 du 08 octobre 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10652"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10651 du 08 octobre 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10651"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10649 du 08 octobre 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10649"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10653 du 08 octobre 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10653"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10655 du 08 octobre 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10655"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10654 du 08 octobre 2014",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10654"
    }
  ]
}

VAR-201410-1108

Vulnerability from variot - Updated: 2023-12-18 12:51

The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet. Juniper Junos is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to crash, denying service to legitimate users. Note: This issue affects on SRX series devices. Juniper Networks SRX Series devices with Junos are SRX series devices of Juniper Networks (Juniper Networks) running the Junos operating system. The following versions are affected: Juniper Networks Juniper SRX Series devices with Junos 11.4R12-S4 prior to 11.4, 12.1X44 prior to 12.1X44-D40, 12.1X45 prior to 12.1X45-D30, 12.1X46 prior to 12.1X46-D25, 12.1X47 -D10 before 12.1X47 version

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201410-1108",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "juniper",
        "version": "12.1x47"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "juniper",
        "version": "12.1x46"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "juniper",
        "version": "12.1x45"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "juniper",
        "version": "12.1x44"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "12.1"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "juniper",
        "version": "11.4"
      },
      {
        "model": "srx5800",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx550",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx110",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx5600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx220",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx650",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx3600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx240",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx3400",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx1400",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx100",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx210",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.1x44"
      },
      {
        "model": "srx3400",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "11.4"
      },
      {
        "model": "srx210",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx650",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "11.4r12-s4"
      },
      {
        "model": "srx550",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx5800",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.1x44-d40"
      },
      {
        "model": "junos os",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.1x45"
      },
      {
        "model": "srx100",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.1x47-d11"
      },
      {
        "model": "junos os",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.1x46"
      },
      {
        "model": "srx220",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx5600",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx5400",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "srx110",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.1x47"
      },
      {
        "model": "srx240",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.1x46-d25"
      },
      {
        "model": "srx1400",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos os",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "12.1x45-d30"
      },
      {
        "model": "srx3600",
        "scope": null,
        "trust": 0.8,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d20",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d10",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x45-d25",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x45-d20",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x45-d10",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos d15",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "juniper",
        "version": "12.1x45-"
      },
      {
        "model": "junos 12.1x44-d35",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x44-d34",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x44-d32",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x44-d30.4",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x44-d30",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x44-d26",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x44-d20.3",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x44-d20",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 11.4r12",
        "scope": null,
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x47-d10",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x46-d25",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x45-d30",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 12.1x44-d40",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      },
      {
        "model": "junos 11.4r12-s4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "juniper",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "70366"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004847"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3825"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-259"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x47:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x45:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-3825"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "70366"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-3825",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 6.8,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2014-3825",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-71765",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2014-3825",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201410-259",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-71765",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-71765"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004847"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3825"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-259"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet. Juniper Junos is prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause an affected device to crash, denying service to legitimate users. \nNote: This issue affects on SRX series devices. Juniper Networks SRX Series devices with Junos are SRX series devices of Juniper Networks (Juniper Networks) running the Junos operating system. The following versions are affected: Juniper Networks Juniper SRX Series devices with Junos 11.4R12-S4 prior to 11.4, 12.1X44 prior to 12.1X44-D40, 12.1X45 prior to 12.1X45-D30, 12.1X46 prior to 12.1X46-D25, 12.1X47 -D10 before 12.1X47 version",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-3825"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004847"
      },
      {
        "db": "BID",
        "id": "70366"
      },
      {
        "db": "VULHUB",
        "id": "VHN-71765"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-3825",
        "trust": 2.8
      },
      {
        "db": "JUNIPER",
        "id": "JSA10650",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1031007",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004847",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-259",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "70366",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-71765",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-71765"
      },
      {
        "db": "BID",
        "id": "70366"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004847"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3825"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-259"
      }
    ]
  },
  "id": "VAR-201410-1108",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-71765"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:51:50.531000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "JSA10650",
        "trust": 0.8,
        "url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10650"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004847"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-71765"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004847"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3825"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10650"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1031007"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3825"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3825"
      },
      {
        "trust": 0.3,
        "url": "http://www.juniper.net/"
      },
      {
        "trust": 0.3,
        "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10650\u0026cat=sirt_1\u0026actp=list"
      },
      {
        "trust": 0.1,
        "url": "https://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10650"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-71765"
      },
      {
        "db": "BID",
        "id": "70366"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004847"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3825"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-259"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-71765"
      },
      {
        "db": "BID",
        "id": "70366"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004847"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3825"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-259"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-10-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-71765"
      },
      {
        "date": "2014-10-08T00:00:00",
        "db": "BID",
        "id": "70366"
      },
      {
        "date": "2014-10-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-004847"
      },
      {
        "date": "2014-10-14T14:55:05.070000",
        "db": "NVD",
        "id": "CVE-2014-3825"
      },
      {
        "date": "2014-10-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201410-259"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-11-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-71765"
      },
      {
        "date": "2014-10-08T00:00:00",
        "db": "BID",
        "id": "70366"
      },
      {
        "date": "2015-12-02T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-004847"
      },
      {
        "date": "2015-11-05T16:22:04.987000",
        "db": "NVD",
        "id": "CVE-2014-3825"
      },
      {
        "date": "2014-10-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201410-259"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-259"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Junos of  Juniper SRX Service operation interruption in series drivers  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004847"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201410-259"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-3825 (GCVE-0-2014-3825)

GHSA-9R63-C76G-W755

FKIE_CVE-2014-3825

GSD-2014-3825

CERTFR-2014-AVI-412

Solution

CERTFR-2014-AVI-412

Solution

VAR-201410-1108

Tags

Sightings

Nomenclature