CVE-2013-4688

high

Published 2013-07-11 · Modified 2026-04-29

CVSS v3

—

CVSS v2

7.8

VIR risk

7.8

Description

flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MSRPC Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted MSRPC requests, aka PR 772834.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://kb.juniper.net/JSA10578

References

http://kb.juniper.net/JSA10578
http://www.securityfocus.com/bid/61124
http://kb.juniper.net/JSA10578
http://www.securityfocus.com/bid/61124

Verify integrity in audit chain (admin only). AS-IS.