// For flags

CVE-2014-0616

 

Severity Score

7.1
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R4-S2, 13.1 before 13.1R3-S1, 13.2 before 13.2R2, and 13.3 before 13.3R1 allows remote attackers to cause a denial of service (rdp crash) via a large BGP UPDATE message which immediately triggers a withdraw message to be sent, as demonstrated by a long AS_PATH and a large number of BGP Communities.

Juniper Junos 10.4 anteriores a 10.4R16, 11.4 anteriores a 11.4R10, 12.1R anteriores a 12.1R8-S2, 12.1X44 anteriores a 12.1X44-D30, 12.1X45 anteriores a 12.1X45-D20, 12.1X46 anteriores a 12.1X46-D10, 12.2 anteriores a 12.2R7, 12.3 anteriores a 12.3R4-S2, 13.1 anteriores a 13.1R3-S1, 13.2 anteriores a 13.2R2 y 13.3 anteriores a 13.3R1, permite a atacantes remotos causar denegación de servicio (caída de rdp) a través de un mensaje BGP_UPDATE largo que lanza inmediatamente un envío de retirada de mensaje, como se muestra con un AS_PATH largo y un gran número de "BGP Communities".

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-12-31 CVE Reserved
  • 2014-01-14 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 10.4
Search vendor "Juniper" for product "Junos" and version "10.4"
-
Affected
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 11.4
Search vendor "Juniper" for product "Junos" and version "11.4"
-
Affected
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 12.1r
Search vendor "Juniper" for product "Junos" and version "12.1r"
-
Affected
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 12.1x44
Search vendor "Juniper" for product "Junos" and version "12.1x44"
-
Affected
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 12.1x45
Search vendor "Juniper" for product "Junos" and version "12.1x45"
-
Affected
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 12.1x46
Search vendor "Juniper" for product "Junos" and version "12.1x46"
-
Affected
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 12.2
Search vendor "Juniper" for product "Junos" and version "12.2"
-
Affected
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 12.3
Search vendor "Juniper" for product "Junos" and version "12.3"
-
Affected
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 13.1
Search vendor "Juniper" for product "Junos" and version "13.1"
-
Affected
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 13.2
Search vendor "Juniper" for product "Junos" and version "13.2"
-
Affected
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 13.3
Search vendor "Juniper" for product "Junos" and version "13.3"
-
Affected