CVE-2014-3825

EPSS 0.77%
Published 14.10.2014 14:55:05
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet.

Affected products Warnungen 0 Metrics 2 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Juniper ≫ Junos Version11.4

Juniper ≫ Junos Version12.1

Juniper ≫ Junos Version12.1x44

Juniper ≫ Junos Version12.1x45

Juniper ≫ Junos Version12.1x46

Juniper ≫ Junos Version12.1x47

Juniper ≫ Srx100 Version-

Juniper ≫ Srx110 Version-

Juniper ≫ Srx1400 Version-

Juniper ≫ Srx210 Version-

Juniper ≫ Srx220 Version-

Juniper ≫ Srx240 Version-

Juniper ≫ Srx3400 Version-

Juniper ≫ Srx3600 Version-

Juniper ≫ Srx550 Version-

Juniper ≫ Srx5600 Version-

Juniper ≫ Srx5800 Version-

Juniper ≫ Srx650 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.77%	0.711

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securitytracker.com/id/1031007

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10650

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2014-3825

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-3825

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-3825

EUVD