This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Juniper First view 2013-07-11
Product srx210 Last view 2014-10-14
Version Type Hardware
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:* 11

Related : CVE

  Date Alert Description
6.8 2014-10-14 CVE-2014-3825

The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet.
5.4 2014-07-11 CVE-2014-3822

Juniper Junos 11.4 before 11.4R8, 12.1 before 12.1R5, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.1X46 before 12.1X46-D10, and 12.1X47 before 12.1X47-D10 on SRX Series devices, allows remote attackers to cause a denial of service (flowd crash) via a malformed packet, related to translating IPv6 to IPv4.
7.8 2014-07-11 CVE-2014-3817

Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D32, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, and 12.1X47 before 12.1X47-D10 on SRX Series devices, when NAT protocol translation from IPv4 to IPv6 is enabled, allows remote attackers to cause a denial of service (flowd hang or crash) via a crafted packet.
7.8 2014-07-11 CVE-2014-3815

Juniper Junos 12.1X46 before 12.1X46-D20 and 12.1X47 before 12.1X47-D10 on SRX Series devices allows remote attackers to cause a denial of service (flowd crash) via a crafted SIP packet.
5 2014-04-14 CVE-2014-0612

Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 11.4R11, 12.1X44 before 12.1X44-D26, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, and 12.1X46 before 12.1X46-D10, when Dynamic IPsec VPN is configured, allows remote attackers to cause a denial of service (new Dynamic VPN connection failures and CPU and disk consumption) via unknown vectors.
7.1 2014-01-15 CVE-2014-0617

Juniper Junos 10.4S before 10.4S15, 10.4R before 10.4R16, 11.4 before 11.4R9, and 12.1R before 12.1R7 on SRX Series service gateways allows remote attackers to cause a denial of service (flowd crash) via a crafted IP packet.
7.8 2014-01-10 CVE-2014-0618

Juniper Junos before 10.4 before 10.4R16, 11.4 before 11.4R8, 12.1R before 12.1R7, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on SRX Series service gateways, when used as a UAC enforcer and captive portal is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted HTTP message.
7.8 2013-07-11 CVE-2013-4688

flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MSRPC Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted MSRPC requests, aka PR 772834.
7.8 2013-07-11 CVE-2013-4687

flowd in Juniper Junos 10.4 before 10.4S14, 11.2 and 11.4 before 11.4R6-S2, and 12.1 before 12.1R6 on SRX devices, when certain Application Layer Gateways (ALGs) are enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted TCP packets, aka PRs 727980, 806269, and 835593.
10 2013-07-11 CVE-2013-4685

Buffer overflow in flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7, 12.1 before 12.1R6, and 12.1X44 before 12.1X44-D15 on SRX devices, when Captive Portal is enabled with the UAC enforcer role, allows remote attackers to execute arbitrary code via crafted HTTP requests, aka PR 849100.
7.8 2013-07-11 CVE-2013-4684

flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R8, 12.1 before 12.1R7, and 12.1X44 before 12.1X44-D15 on SRX devices, when PIM and NAT are enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted PIM packets, aka PR 842253.

CWE : Common Weakness Enumeration

%idName
80% (4) CWE-20 Improper Input Validation
20% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Information Assurance Vulnerability Management (IAVM)

id Description
2014-A-0108 Multiple Vulnerabilities in Juniper Junos OS
Severity: Category I - VMSKEY: V0053185
2014-A-0053 Multiple Vulnerabilities in Juniper Network JUNOS
Severity: Category I - VMSKEY: V0049589
2014-A-0003 Multiple Vulnerabilities in Juniper Networks JUNOS
Severity: Category I - VMSKEY: V0043408

Nessus® Vulnerability Scanner

id Description
2014-10-14 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10650.nasl - Type: ACT_GATHER_INFO
2014-07-15 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10633.nasl - Type: ACT_GATHER_INFO
2014-07-15 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10635.nasl - Type: ACT_GATHER_INFO
2014-07-15 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10641.nasl - Type: ACT_GATHER_INFO
2014-04-14 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10620.nasl - Type: ACT_GATHER_INFO
2014-01-16 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10610.nasl - Type: ACT_GATHER_INFO
2014-01-16 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10611.nasl - Type: ACT_GATHER_INFO
2013-07-16 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10573.nasl - Type: ACT_GATHER_INFO
2013-07-16 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10574.nasl - Type: ACT_GATHER_INFO
2013-07-16 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10577.nasl - Type: ACT_GATHER_INFO
2013-07-16 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10578.nasl - Type: ACT_GATHER_INFO