CVE-2013-6014Sensitive Information Exposure in Juniper Junos

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
9.3CRITICALNVD
EPSS
0.5%
top 34.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper JunosJuniper Junos OS
Timeline
PublishedOct 28
Latest updateMay 13

Description

Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.2 before 12.2R6, 12.3 before 12.3R3, 13.1 before 13.1R3, and 13.2 before 13.2R1, when Proxy ARP is enabled on an unnumbered interface, allows remote attackers to perform ARP poisoning attacks and possibly obtain sensitive information via a crafted ARP message.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:HExploitability: 2.8 | Impact: 5.8

Affected Packages2 packages

NVDjuniper/junos10 versions+9

🔴Vulnerability Details

1
GHSA
GHSA-xhh5-q96h-2g92: Juniper Junos 102022-05-13

📋Vendor Advisories

1
Juniper
CVE-2013-6014: Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X2013-10-28