CVE-2013-6014

Name of the Vulnerable Software and Affected Versions Juniper Junos versions 10.4 before 10.4S15 Juniper Junos versions 11.4 before 11.4R9 Juniper Junos versions 11.4X27 before 11.4X27.44 Juniper Junos versions 12.1 before 12.1R7 Juniper Junos versions 12.1X44 before 12.1X44-D20 Juniper Junos versions 12.1X45 before 12.1X45-D15 Juniper Junos versions 12.2 before 12.2R6 Juniper Junos versions 12.3 before 12.3R3 Juniper Junos versions 13.1 before 13.1R3 Juniper Junos versions 13.2 before 13.2R1

Description The issue allows remote attackers to perform ARP poisoning attacks and possibly obtain sensitive information via a crafted ARP message when Proxy ARP is enabled on an unnumbered interface.

Recommendations For Juniper Junos versions 10.4 before 10.4S15, update to version 10.4S15 or later. For Juniper Junos versions 11.4 before 11.4R9, update to version 11.4R9 or later. For Juniper Junos versions 11.4X27 before 11.4X27.44, update to version 11.4X27.44 or later. For Juniper Junos versions 12.1 before 12.1R7, update to version 12.1R7 or later. For Juniper Junos versions 12.1X44 before 12.1X44-D20, update to version 12.1X44-D20 or later. For Juniper Junos versions 12.1X45 before 12.1X45-D15, update to version 12.1X45-D15 or later. For Juniper Junos versions 12.2 before 12.2R6, update to version 12.2R6 or later. For Juniper Junos versions 12.3 before 12.3R3, update to version 12.3R3 or later. For Juniper Junos versions 13.1 before 13.1R3, update to version 13.1R3 or later. For Juniper Junos versions 13.2 before 13.2R1, update to version 13.2R1 or later.