Rapid7 Vulnerability & Exploit Database

Juniper Junos OS: Security issue with Proxy ARP enabled on unnumbered interface (JSA10595) (CVE-2013-6014)

Back to Search

Juniper Junos OS: Security issue with Proxy ARP enabled on unnumbered interface (JSA10595) (CVE-2013-6014)

Severity
6
CVSS
(AV:A/AC:L/Au:N/C:N/I:C/A:N)
Published
10/28/2013
Created
07/25/2018
Added
05/07/2014
Modified
10/01/2019

Description

Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.2 before 12.2R6, 12.3 before 12.3R3, 13.1 before 13.1R3, and 13.2 before 13.2R1, when Proxy ARP is enabled on an unnumbered interface, allows remote attackers to perform ARP poisoning attacks and possibly obtain sensitive information via a crafted ARP message.

Solution(s)

  • juniper-junos-os-upgrade-latest

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;