CVE-2013-6014

Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.2 before 12.2R6, 12.3 before 12.3R3, 13.1 before 13.1R3, and 13.2 before 13.2R1, when Proxy ARP is enabled on an unnumbered interface, allows remote attackers to perform ARP poisoning attacks and possibly obtain sensitive information via a crafted ARP message.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 CRITICAL
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
VendorProductVersion
juniperjunos
10.4
juniperjunos
11.4
juniperjunos
11.4x27:x27
juniperjunos
12.1
juniperjunos
12.1x44:x44
juniperjunos
12.1x45:x45
juniperjunos
12.2
juniperjunos
12.3
juniperjunos
13.1
juniperjunos
13.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10595
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10595