CVE-2014-6450

16.10.2015, 20:59

Juniper Junos OS before 11.4R12-S4, 12.1X44 before 12.1X44-D41, 12.1X46 before 12.1X46-D26, 12.1X47 before 12.1X47-D11/D15, 12.2 before 12.2R9, 12.2X50 before 12.2X50-D70, 12.3 before 12.3R8, 12.3X48 before 12.3X48-D10, 12.3X50 before 12.3X50-D42, 13.1 before 13.1R4-S3, 13.1X49 before 13.1X49-D42, 13.1X50 before 13.1X50-D30, 13.2 before 13.2R6, 13.2X51 before 13.2X51-D26, 13.2X52 before 13.2X52-D15, 13.3 before 13.3R3-S3, 14.1 before 14.1R3, 14.2 before 14.2R1, 15.1 before 15.1R1, and 15.1X49 before 15.1X49-D10, when configured for IPv6, allow remote attackers to cause a denial of service (mbuf chain corruption and kernel panic) via crafted IPv6 packets.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	7.8 UNKNOWN	NETWORK	LOW	AV:N/AC:L/Au:N/C:N/I:N/A:C
mitre	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 72%

Vendor	Product	Version
juniper	junos	12.1x44:x44
juniper	junos	12.1x44:x44
juniper	junos	12.1x44:x44
juniper	junos	12.1x44:x44
juniper	junos	12.1x44:x44
juniper	junos	12.1x44:x44
juniper	junos	12.1x44:x44
juniper	junos	12.1x44:x44
juniper	junos	12.1x46:x46
juniper	junos	12.1x46:x46
juniper	junos	12.1x46:x46
juniper	junos	12.1x46:x46
juniper	junos	12.1x46:x46
juniper	junos	12.1x47:x47
juniper	junos	12.1x47:x47
juniper	junos	12.1x47:x47
juniper	junos	12.2
juniper	junos	12.2:r1
juniper	junos	12.2:r2
juniper	junos	12.2:r3
juniper	junos	12.2:r4
juniper	junos	12.2:r5
juniper	junos	12.2:r6
juniper	junos	12.2:r7
juniper	junos	12.2:r8
juniper	junos	12.2x65:x65
juniper	junos	12.3
juniper	junos	12.3:r1
juniper	junos	12.3:r2
juniper	junos	12.3:r3
juniper	junos	12.3:r4
juniper	junos	12.3:r5
juniper	junos	12.3:r6
juniper	junos	12.3:r7
juniper	junos	12.3x48:x48
juniper	junos	12.3x48:x48
juniper	junos	12.3x50:x50
juniper	junos	12.3x50:x50
juniper	junos	12.3x50:x50
juniper	junos	12.3x50:x50
juniper	junos	12.3x50:x50
juniper	junos	13.1
juniper	junos	13.1:r1
juniper	junos	13.1:r2
juniper	junos	13.1:r3
juniper	junos	13.1:r4
juniper	junos	13.1:r4-s2
juniper	junos	13.1x49:x49
juniper	junos	13.1x49:x49
juniper	junos	13.1x50:x50
juniper	junos	13.1x50:x50
juniper	junos	13.2
juniper	junos	13.2:r1
juniper	junos	13.2:r2
juniper	junos	13.2:r3
juniper	junos	13.2:r4
juniper	junos	13.2:r5
juniper	junos	13.2x51:x51
juniper	junos	13.2x51:x51
juniper	junos	13.2x51:x51
juniper	junos	13.2x51:x51
juniper	junos	13.2x51:x51
juniper	junos	13.2x52:x52
juniper	junos	13.2x52:x52
juniper	junos	13.2x52:x52
juniper	junos	13.3
juniper	junos	13.3:r1
juniper	junos	13.3:r2
juniper	junos	13.3:r3
juniper	junos	14.1
juniper	junos	14.1:r1
juniper	junos	14.1:r2
juniper	junos	14.2
juniper	junos	15.1
juniper	junos	15.1x49:x49

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10699

http://www.securitytracker.com/id/1033855

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10699

http://www.securitytracker.com/id/1033855