CVE-2014-3818

Juniper Junos OS 9.1 through 11.4 before 11.4R11, 12.1 before R10, 12.1X44 before D40, 12.1X46 before D30, 12.1X47 before D11 and 12.147-D15, 12.1X48 before D41 and D62, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4-S2, 13.1X49 before D49, 13.1X50 before 30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D25, 13.2X52 before D15, 13.3 before R2, and 14.1 before R1, when supporting 4-byte AS numbers and a BGP peer does not, allows remote attackers to cause a denial of service (memory corruption and RDP routing process crash and restart) via crafted transitive attributes in a BGP UPDATE.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
VendorProductVersion
juniperjunos
9.1
juniperjunos
9.2
juniperjunos
9.4
juniperjunos
9.5
juniperjunos
9.6
juniperjunos
10.0
juniperjunos
10.1
juniperjunos
10.2
juniperjunos
10.3
juniperjunos
10.4
juniperjunos
10.4r:r
juniperjunos
10.4s:s
juniperjunos
11.0
juniperjunos
11.1
juniperjunos
11.2
juniperjunos
11.3
juniperjunos
11.4
juniperjunos
12.1
juniperjunos
12.1x44:x44
juniperjunos
12.1x46:x46
juniperjunos
12.1x47:x47
juniperjunos
12.1x48:x48
juniperjunos
12.2
juniperjunos
12.2x50:x50
juniperjunos
12.3
juniperjunos
13.1
juniperjunos
13.1x49:x49
juniperjunos
13.1x50:x50
juniperjunos
13.2
juniperjunos
13.2x50:x50
juniperjunos
13.2x51:x51
juniperjunos
13.2x52:x52
juniperjunos
13.3
juniperjunos
14.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securitytracker.com/id/1031009
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10653
http://www.securitytracker.com/id/1031009
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10653