CVE-2013-6014 Information

Description

Juniper Junos 10.4 before 10.4S15 11.4 before 11.4R9 11.4X27 before 11.4X27.44 12.1 before 12.1R7 12.1X44 before 12.1X44-D20 12.1X45 before 12.1X45-D15 12.2 before 12.2R6 12.3 before 12.3R3 13.1 before 13.1R3 and 13.2 before 13.2R1 when Proxy ARP is enabled on an unnumbered interface allows remote attackers to perform ARP poisoning attacks and possibly obtain sensitive information via a crafted ARP message.

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H

Reference

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10595

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

HIGH

Base Severity

9.3