CVE-2014-0618CVE-2014-0618

Affected configuration(s):

cpe:/h:juniper:srx100:-
cpe:/h:juniper:srx110:-
cpe:/h:juniper:srx1400:-
cpe:/h:juniper:srx210:-
cpe:/h:juniper:srx220:-
cpe:/h:juniper:srx240:-
cpe:/h:juniper:srx3400:-
cpe:/h:juniper:srx3600:-
cpe:/h:juniper:srx550:-
cpe:/h:juniper:srx5600:-
cpe:/h:juniper:srx5800:-
cpe:/h:juniper:srx650:-
cpe:/o:juniper:junos:10.4
cpe:/o:juniper:junos:11.4
cpe:/o:juniper:junos:12.1r
cpe:/o:juniper:junos:12.1×44
cpe:/o:juniper:junos:12.1×45

Date published: 2014-01-10T23:44:42.617-05:00

Date last modified: 2017-08-28T21:34:13.090-04:00

CVSS Score: 7.8

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://www.securityfocus.com/bid/64769

Summary: Juniper Junos before 10.4 before 10.4R16, 11.4 before 11.4R8, 12.1R before 12.1R7, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on SRX Series service gateways, when used as a UAC enforcer and captive portal is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted HTTP message.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *