CyberSec.Space Logo
返回 CVE 浏览器

CVE-2013-4685

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1740%
EPSS Percentile21.95th
Published2013年7月11日
Last Modified2026年4月29日

Vulnerability Description

Buffer overflow in flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7, 12.1 before 12.1R6, and 12.1X44 before 12.1X44-D15 on SRX devices, when Captive Portal is enabled with the UAC enforcer role, allows remote attackers to execute arbitrary code via crafted HTTP requests, aka PR 849100.

Affected Platforms (CPE)

💻
Juniper

Junos

= 10.4
💻
Juniper

Junos

= 11.4
💻
Juniper

Junos

= 12.1
💻
Juniper

Junos

= 12.1x44
🔌
Juniper

Srx100

All versions
🔌
Juniper

Srx110

All versions
🔌
Juniper

Srx1400

All versions
🔌
Juniper

Srx210

All versions
🔌
Juniper

Srx220

All versions
🔌
Juniper

Srx240

All versions
🔌
Juniper

Srx3400

All versions
🔌
Juniper

Srx3600

All versions
🔌
Juniper

Srx550

All versions
🔌
Juniper

Srx5600

All versions
🔌
Juniper

Srx5800

All versions
🔌
Juniper

Srx650

All versions

References & Advisories

🔗 http://kb.juniper.net/JSA10574
🔗 http://osvdb.org/95108
🔗 http://www.securityfocus.com/bid/61125
🔗 http://kb.juniper.net/JSA10574
🔗 http://osvdb.org/95108
🔗 http://www.securityfocus.com/bid/61125

相关漏洞威胁

CVE-2021-024810.0

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks ...

CVE-2014-341210.0

Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execut...

CVE-2021-021110.0

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon ...

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...