VIR Vulnerability Intelligence Relay

CVE-2013-6014

critical
Published 2013-10-28 · Modified 2026-04-29
CVSS v3
9.3
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H
VIR risk
9.3

Description

Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.2 before 12.2R6, 12.3 before 12.3R3, 13.1 before 13.1R3, and 13.2 before 13.2R1, when Proxy ARP is enabled on an unnumbered interface, allows remote attackers to perform ARP poisoning attacks and possibly obtain sensitive information via a crafted ARP message.

Predictions

Exploit likelihood
85%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

CWEs

CWE-200

💬 Discuss CVE-2013-6014 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.