Vulnerability Name:

CVE-2014-6383 (CCN-100232)

Assigned:2014-09-11
Published:2015-01-15
Updated:2015-01-26
Summary:The stateless firewall in Juniper Junos 13.3R3, 14.1R1, and 14.1R2, when using Trio-based PFE modules, does not properly match ports, which might allow remote attackers to bypass firewall rule.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-17
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2014-6383

Source: CCN
Type: Juniper Networks Security Bulletin JSA10666
Firewall filter fails to match on port (CVE-2014-6383)

Source: BID
Type: UNKNOWN
72071

Source: CCN
Type: BID-72071
Juniper Junos CVE-2014-6383 Security Bypass Vulnerability

Source: SECTRACK
Type: UNKNOWN
1031549

Source: XF
Type: UNKNOWN
juniper-junos-cve20146383-sec-bypass(100232)

Source: CONFIRM
Type: Vendor Advisory
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10666

Vulnerable Configuration:Configuration 1:
  • cpe:/o:juniper:junos:13.3:r3:*:*:*:*:*:*
  • OR cpe:/o:juniper:junos:14.1:r1:*:*:*:*:*:*
  • OR cpe:/o:juniper:junos:14.2:r2:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    juniper junos 13.3 r3
    juniper junos 14.1 r1
    juniper junos 14.2 r2