Vulnerabilities > CVE-2014-6383 - Code vulnerability in Juniper Junos 13.3/14.1/14.2

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
juniper
CWE-17
nessus
NVD
Published: 2015-01-16
Updated: 2015-01-26

Summary

The stateless firewall in Juniper Junos 13.3R3, 14.1R1, and 14.1R2, when using Trio-based PFE modules, does not properly match ports, which might allow remote attackers to bypass firewall rule.

Vulnerable Configurations

Part Description Count
OS
Juniper
3

Common Weakness Enumeration (CWE)

Nessus

NASL familyJunos Local Security Checks
NASL idJUNIPER_JSA10666.NASL
descriptionAccording to its self-reported version number, the remote Juniper Junos MX series device is affected by a security bypass vulnerability when processing stateless firewall filters on a device with Trio-based PFE modules with IPv4 filters. A remote attacker can exploit this issue to bypass stateless firewall filters.
last seen2019-10-28
modified2015-01-23
plugin id80954
published2015-01-23
reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/80954
titleJuniper Junos MX Series Trio-based PFE Modules Security Bypass (JSA10666)

References