Junos DoS Vulnerability In XNM Command Processor Network Vulnerability

Summary

Denial of Service vulnerability in XNM command processor.

Impact

Remote attackers can cause a denial of service condition on the device.

Solution

New builds of Junos OS software are available from Juniper.

Insight

When xnm-ssl or xnm-clear-text is enabled within the hierarchy level of the Junos configuration, an unauthenticated, remote user could exploit the XNM command processor to consume excessive amounts of memory.

Affected

Junos OS 10.4, 11.4, 12.1, 12.2, 12.3, 13.1, 13.2

Detection

Check the OS build.

References

http://kb.juniper.net/JSA10607
http://www.securitytracker.com/id/1029586

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-0613
CVSS Base Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Junos JPPPD Denial of Service Vulnerability
Junos Multiple xml2 Vulnerabilities
Junos PIM Handling DoS Vulnerability
Junos Denial of Service Vulnerability in Flow Daemon
Junos GNU libc GLOB_LIMIT DoS Vulnerability

Junos DoS Vulnerability in XNM Command Processor

Take action and discover your vulnerabilities