What is the severity of CVE-2014-6382?

CVE-2014-6382 is classified as a high severity vulnerability that allows remote attackers to cause a denial of service.

How do I fix CVE-2014-6382?

To fix CVE-2014-6382, upgrade your Junos version to 13.3R6, 14.1R4, 14.1X50-D70 or 14.2R2 or later.

Which devices are affected by CVE-2014-6382?

The affected devices are Juniper MX Series routers running Junos versions 13.3R3 through 14.2R1.

What type of attack does CVE-2014-6382 enable?

CVE-2014-6382 enables remote denial of service attacks that can crash and restart the jpppd service.

Is CVE-2014-6382 related to specific Junos configurations?

Yes, CVE-2014-6382 occurs when Juniper MX Series routers are configured as broadband edge (BBE) routers.

Vulnerability/
CVE-2014-6382

high

7.1

CWE

16/1/2015

6/8/2024

CVE-2014-6382: Input Validation

First published: Fri Jan 16 2015(Updated: )

The Juniper MX Series routers with Junos 13.3R3 through 13.3Rx before 13.3R6, 14.1 before 14.1R4, 14.1X50 before 14.1X50-D70, and 14.2 before 14.2R2, when configured as a broadband edge (BBE) router, allows remote attackers to cause a denial of service (jpppd crash and restart) by sending a crafted PAP Authenticate-Request after the PPPoE Discovery and LCP phase are complete.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Junos OS Evolved	=13.3-r3
Junos OS Evolved	=13.3-r4
Junos OS Evolved	=13.3-r5
Junos OS Evolved	=14.1
Junos OS Evolved	=14.1-r1
Junos OS Evolved	=14.1-r2
Junos OS Evolved	=14.1-r3
Junos OS Evolved	=14.2
Junos OS Evolved	=14.2-r1
Juniper MX10
Juniper MX104
Juniper MX2010
Juniper MX2020
Juniper MX240
Juniper MX40
Juniper MX480
Juniper MX80
Juniper MX960
Juniper vMX

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-6382?
CVE-2014-6382 is classified as a high severity vulnerability that allows remote attackers to cause a denial of service.
How do I fix CVE-2014-6382?
To fix CVE-2014-6382, upgrade your Junos version to 13.3R6, 14.1R4, 14.1X50-D70 or 14.2R2 or later.
Which devices are affected by CVE-2014-6382?
The affected devices are Juniper MX Series routers running Junos versions 13.3R3 through 14.2R1.
What type of attack does CVE-2014-6382 enable?
CVE-2014-6382 enables remote denial of service attacks that can crash and restart the jpppd service.
Is CVE-2014-6382 related to specific Junos configurations?
Yes, CVE-2014-6382 occurs when Juniper MX Series routers are configured as broadband edge (BBE) routers.

agent/type
agent/references
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
agent/author
agent/severity
agent/first-publish-date
agent/event
agent/description
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/juniper
canonical/junos os evolved
version/junos os evolved/13.3-r3
version/junos os evolved/13.3-r4
version/junos os evolved/13.3-r5
version/junos os evolved/14.1
version/junos os evolved/14.1-r1
version/junos os evolved/14.1-r2
version/junos os evolved/14.1-r3
version/junos os evolved/14.2
version/junos os evolved/14.2-r1
canonical/juniper mx10
canonical/juniper mx104
canonical/juniper mx2010
canonical/juniper mx2020
canonical/juniper mx240
canonical/juniper mx40
canonical/juniper mx480
canonical/juniper mx80
canonical/juniper mx960
canonical/juniper vmx

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.