CVE-2014-3818

Juniper Junos OS 9.1 through 11.4 before 11.4R11, 12.1 before R10, 12.1X44 before D40, 12.1X46 before D30, 12.1X47 before D11 and 12.147-D15, 12.1X48 before D41 and D62, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4-S2, 13.1X49 before D49, 13.1X50 before 30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D25, 13.2X52 before D15, 13.3 before R2, and 14.1 before R1, when supporting 4-byte AS numbers and a BGP peer does not, allows remote attackers to cause a denial of service (memory corruption and RDP routing process crash and restart) via crafted transitive attributes in a BGP UPDATE.

Published: Oct 14, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-3818
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
juniper / junos	13.2x50	13.2x50.x
juniper / junos	14.1	14.1.x
juniper / junos	13.3	13.3.x
juniper / junos	11.0	11.0.x
juniper / junos	9.4	9.4.x
juniper / junos	9.6	9.6.x
juniper / junos	12.1x48	12.1x48.x
juniper / junos	10.4	10.4.x
juniper / junos	10.3	10.3.x
juniper / junos	11.2	11.2.x
juniper / junos	13.1	13.1.x
juniper / junos	10.2	10.2.x
juniper / junos	10.1	10.1.x
juniper / junos	10.4s	10.4s.x
juniper / junos	13.2x52	13.2x52.x
juniper / junos	12.2x50	12.2x50.x
juniper / junos	13.2	13.2.x
juniper / junos	11.1	11.1.x
juniper / junos	12.1x46	12.1x46.x
juniper / junos	12.1	12.1.x
juniper / junos	13.1x50	13.1x50.x
juniper / junos	13.1x49	13.1x49.x
juniper / junos	11.3	11.3.x
juniper / junos	9.5	9.5.x
juniper / junos	12.1x47	12.1x47.x
juniper / junos	10.4r	10.4r.x
juniper / junos	11.4	11.4.x
juniper / junos	12.3	12.3.x
juniper / junos	12.2	12.2.x
juniper / junos	12.1x44	12.1x44.x
juniper / junos	9.2	9.2.x
juniper / junos	9.1	9.1.x
juniper / junos	13.2x51	13.2x51.x
juniper / junos	10.0	10.0.x

Vulnerability Database

289,697

CVE-2014-3818