CVE-2014-6382
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
16/01/2015
Last modified:
12/04/2025
Description
The Juniper MX Series routers with Junos 13.3R3 through 13.3Rx before 13.3R6, 14.1 before 14.1R4, 14.1X50 before 14.1X50-D70, and 14.2 before 14.2R2, when configured as a broadband edge (BBE) router, allows remote attackers to cause a denial of service (jpppd crash and restart) by sending a crafted PAP Authenticate-Request after the PPPoE Discovery and LCP phase are complete.
Impact
Base Score 2.0
7.10
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:juniper:junos:13.3:r3:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:13.3:r4:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:13.3:r5:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:14.1:r3:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:14.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:14.2:r1:*:*:*:*:*:* | ||
| cpe:2.3:h:juniper:mx10:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:juniper:mx104:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:juniper:mx2010:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:juniper:mx2020:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:juniper:mx240:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:juniper:mx40:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page