5.4

CVE-2014-3822

Juniper Junos 11.4 before 11.4R8, 12.1 before 12.1R5, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.1X46 before 12.1X46-D10, and 12.1X47 before 12.1X47-D10 on SRX Series devices, allows remote attackers to cause a denial of service (flowd crash) via a malformed packet, related to translating IPv6 to IPv4.

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Version11.4
JuniperJunos Version12.1
JuniperJunos Version12.1x44
JuniperJunos Version12.1x45
JuniperJunos Version12.1x46
JuniperJunos Version12.1x47
JuniperSrx100 Version-
JuniperSrx110 Version-
JuniperSrx1400 Version-
JuniperSrx210 Version-
JuniperSrx220 Version-
JuniperSrx240 Version-
JuniperSrx3400 Version-
JuniperSrx3600 Version-
JuniperSrx550 Version-
JuniperSrx5600 Version-
JuniperSrx5800 Version-
JuniperSrx650 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.49% 0.628
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.4 4.9 6.9
AV:N/AC:H/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.