CVE-2013-6014
Description
Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.2 before 12.2R6, 12.3 before 12.3R3, 13.1 before 13.1R3, and 13.2 before 13.2R1, when Proxy ARP is enabled on an unnumbered interface, allows remote attackers to perform ARP poisoning attacks and possibly obtain sensitive information via a crafted ARP message.
Risk Information
Base Score
9.3
MODERATE
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H
EPSS Score
Exploitation Probability
0.485
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2013-6014,CVE-2014-0617 are fixed in junos 10.4s15 | NCM |
| Vulnerabilities CVE-2013-6014,CVE-2014-0617,CVE-2014-2714 are fixed in junos 11.4r9 | NCM |
| Multiple Vulnerabilities are fixed in junos 12.1r7 | NCM |
| Vulnerabilities CVE-2013-6014 are fixed in junos 12.2r6 | NCM |
| Vulnerabilities CVE-2013-6014 are fixed in junos 12.3r3 | NCM |
| Vulnerabilities CVE-2013-4689,CVE-2013-6014 are fixed in junos 13.1r3 | NCM |
| Vulnerabilities CVE-2013-6014,CVE-2014-6386 are fixed in junos 13.2r1 | NCM |
| Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-6014) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234