Description
The Juniper MX Series routers with Junos 13.3R3 through 13.3Rx before 13.3R6, 14.1 before 14.1R4, 14.1X50 before 14.1X50-D70, and 14.2 before 14.2R2, when configured as a broadband edge (BBE) router, allows remote attackers to cause a denial of service (jpppd crash and restart) by sending a crafted PAP Authenticate-Request after the PPPoE Discovery and LCP phase are complete.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/72070
Vendor Advisory x_refsource_confirm
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10665
Scores
EPSS
0.0046
EPSS Percentile
64.3%
Details
CWE
CWE-20
Status
published
Products (3)
juniper/junos
13.3 r3 (3 CPE variants)
juniper/junos
14.1 (4 CPE variants)
juniper/junos
14.2 (2 CPE variants)
Published
Jan 16, 2015
Tracked Since
Feb 18, 2026