CVE-2013-4688

Published Jul 11, 2013

Last updated a month ago

CVSS info 7.8

Overview

Description: flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MSRPC Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted MSRPC requests, aka PR 772834.
Source: cve@mitre.org
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:10.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45C2DA1E-12A7-4018-92CE-7621FC278025"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References