14.2

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

juniper

CWE-17

nessus

NVD

Published: 2015-01-16

Updated: 2015-01-26

Summary

The stateless firewall in Juniper Junos 13.3R3, 14.1R1, and 14.1R2, when using Trio-based PFE modules, does not properly match ports, which might allow remote attackers to bypass firewall rule.

Vulnerable Configurations

Part	Description	Count
OS	Juniper Juniper Junos 13.3 Juniper Junos 14.1 Juniper Junos 14.2	3

Common Weakness Enumeration (CWE)

CWE-17 - Code

Nessus

NASL family	Junos Local Security Checks
NASL id	JUNIPER_JSA10666.NASL
description	According to its self-reported version number, the remote Juniper Junos MX series device is affected by a security bypass vulnerability when processing stateless firewall filters on a device with Trio-based PFE modules with IPv4 filters. A remote attacker can exploit this issue to bypass stateless firewall filters.
last seen	2019-10-28
modified	2015-01-23
plugin id	80954
published	2015-01-23
reporter	This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/80954
title	Juniper Junos MX Series Trio-based PFE Modules Security Bypass (JSA10666)

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References