CVE-2014-0612 - OpenCVE

Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 11.4R11, 12.1X44 before 12.1X44-D26, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, and 12.1X46 before 12.1X46-D10, when Dynamic IPsec VPN is configured, allows remote attackers to cause a denial of service (new Dynamic VPN connection failures and CPU and disk consumption) via unknown vectors.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Juniper	Srx240 Srx210 Srx100 Srx650 Srx550 Srx110 Junos Srx220

Configuration 1 [-]

AND

OR	cpe:2.3:o:juniper:junos:11.4:::::::*
	cpe:2.3:o:juniper:junos:12.1:::::::*
	cpe:2.3:o:juniper:junos:12.1x44:::::::*
	cpe:2.3:o:juniper:junos:12.1x45:::::::*
	cpe:2.3:o:juniper:junos:12.1x46:::::::*

OR	cpe:2.3:h:juniper:srx100:-:::::::*
	cpe:2.3:h:juniper:srx110:-:::::::*
	cpe:2.3:h:juniper:srx210:-:::::::*
	cpe:2.3:h:juniper:srx220:-:::::::*
	cpe:2.3:h:juniper:srx240:-:::::::*
	cpe:2.3:h:juniper:srx550:-:::::::*
	cpe:2.3:h:juniper:srx650:-:::::::*

References

Link	Resource
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10620	Vendor Advisory
http://secunia.com/advisories/57845	Vendor Advisory
http://securitytracker.com/id?1030057
http://www.securityfocus.com/bid/66759

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2014-04-14T15:00:00

Updated: 2014-04-15T12:57:01

Reserved: 2013-12-31T00:00:00

Link: CVE-2014-0612

JSON object: View

NVD Information

Status : Modified

Published: 2014-04-14T15:09:06.273

Modified: 2014-04-19T04:46:35.330

Link: CVE-2014-0612

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-04-10T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 11.4R11, 12.1X44 before 12.1X44-D26, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, and 12.1X46 before 12.1X46-D10, when Dynamic IPsec VPN is configured, allows remote attackers to cause a denial of service (new Dynamic VPN connection failures and CPU and disk consumption) via unknown vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-04-15T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10620"}, {"name": "66759", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/66759"}, {"name": "1030057", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1030057"}, {"name": "57845", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/57845"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-0612", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 11.4R11, 12.1X44 before 12.1X44-D26, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, and 12.1X46 before 12.1X46-D10, when Dynamic IPsec VPN is configured, allows remote attackers to cause a denial of service (new Dynamic VPN connection failures and CPU and disk consumption) via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10620", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10620"}, {"name": "66759", "refsource": "BID", "url": "http://www.securityfocus.com/bid/66759"}, {"name": "1030057", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1030057"}, {"name": "57845", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/57845"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-0612", "datePublished": "2014-04-14T15:00:00", "dateReserved": "2013-12-31T00:00:00", "dateUpdated": "2014-04-15T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*", "matchCriteriaId": "41543223-0FA9-4CBE-8DEC-717CE5FFED79", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*", "matchCriteriaId": "B40B8FD6-A597-4845-8E8E-63EFDF606006", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x44:*:*:*:*:*:*:*", "matchCriteriaId": "1B307477-C5F2-4D98-AF4C-640D326164C7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x45:*:*:*:*:*:*:*", "matchCriteriaId": "8E747970-4C27-4B46-9163-964252CB98F6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:*", "matchCriteriaId": "CFB89F64-16BB-4A14-9084-B338668D7FF1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*", "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*", "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*", "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*", "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*", "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 11.4R11, 12.1X44 before 12.1X44-D26, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, and 12.1X46 before 12.1X46-D10, when Dynamic IPsec VPN is configured, allows remote attackers to cause a denial of service (new Dynamic VPN connection failures and CPU and disk consumption) via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Juniper Junos anterior a versi\u00f3n 11.4R10-S1, anterior a versi\u00f3n 11.4R11, versiones 12.1X44 anteriores a 12.1X44-D26, versiones 12.1X44 anteriores a 12.1X44-D30, versiones12.1X45 anteriores a 12.1X45-D20, y versiones 12.1X46 anteriores 12.1X46-D10, cuando Dynamic IPsec VPN est\u00e1 configurada, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (nuevas fallas de conexi\u00f3n de Dynamic VPN y consumo de CPU y disco) por medio de vectores desconocidos."}], "id": "CVE-2014-0612", "lastModified": "2014-04-19T04:46:35.330", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-04-14T15:09:06.273", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10620"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/57845"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1030057"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/66759"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}