Vulnerability Description
Juniper JunosE before 13.3.3p0-1, 14.x before 14.3.2, and 15.x before 15.1.0, when DEBUG severity icmpTraffic logging is enabled, allows remote attackers to cause a denial of service (SRP reset) via a crafted ICMP packet to the (1) interface or (2) loopback IP address, which triggers a processor exception in ip_RxData_8.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos E | <= 13.3.2 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/70368
- http://www.securitytracker.com/id/1031006
- https://exchange.xforce.ibmcloud.com/vulnerabilities/96907
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10651Vendor Advisory
- http://www.securityfocus.com/bid/70368
- http://www.securitytracker.com/id/1031006
- https://exchange.xforce.ibmcloud.com/vulnerabilities/96907
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10651Vendor Advisory
FAQ
What is CVE-2014-6377?
CVE-2014-6377 is a vulnerability with a CVSS score of 7.8 (HIGH). Juniper JunosE before 13.3.3p0-1, 14.x before 14.3.2, and 15.x before 15.1.0, when DEBUG severity icmpTraffic logging is enabled, allows remote attackers to cause a denial of service (SRP reset) via a...
How severe is CVE-2014-6377?
CVE-2014-6377 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-6377?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos E.