Vulnerability Details CVE-2013-4685
Buffer overflow in flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7, 12.1 before 12.1R6, and 12.1X44 before 12.1X44-D15 on SRX devices, when Captive Portal is enabled with the UAC enforcer role, allows remote attackers to execute arbitrary code via crafted HTTP requests, aka PR 849100.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.094
EPSS Ranking 92.4%
CVSS Severity
CVSS v2 Score 10.0
References
Products affected by CVE-2013-4685
-
cpe:2.3:h:juniper:srx100:-
-
cpe:2.3:h:juniper:srx110:-
-
cpe:2.3:h:juniper:srx1400:-
-
cpe:2.3:h:juniper:srx210:-
-
cpe:2.3:h:juniper:srx220:-
-
cpe:2.3:h:juniper:srx240:-
-
cpe:2.3:h:juniper:srx3400:-
-
cpe:2.3:h:juniper:srx3600:-
-
cpe:2.3:h:juniper:srx550:-
-
cpe:2.3:h:juniper:srx5600:-
-
cpe:2.3:h:juniper:srx5800:-
-
cpe:2.3:h:juniper:srx650:-
-
cpe:2.3:o:juniper:junos:10.4
-
cpe:2.3:o:juniper:junos:11.4
-
cpe:2.3:o:juniper:junos:12.1
-
cpe:2.3:o:juniper:junos:12.1x44