Lucene search

[email protected]CVE-2013-7307

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-7307

2022-10-0316:14:53

[email protected]

web.nvd.nist.gov

brocade

vyatta

vrouter

ospf

implementation

denial of service

sensitive information

lsa packet

routing disruption

cve-2013-7307

5.4 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.9%

JSON

The OSPF implementation on the Brocade Vyatta vRouter with software before 6.6R1 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.

Affected configurations

NVD

Node

brocadevyatta_vrouter_softwareRange≤6.6

AND

brocadevyatta_vrouterMatch-

CPENameOperatorVersion
brocade:vyatta_vrouter_softwarebrocade vyatta vrouter softwarele6.6
brocade:vyatta_vrouterbrocade vyatta vroutereq-

CPE	Name	Operator	Version
brocade:vyatta_vrouter_software	brocade vyatta vrouter software	le	6.6
brocade:vyatta_vrouter	brocade vyatta vrouter	eq	-

References

www.kb.cert.org/vuls/id/229804

www.kb.cert.org/vuls/id/BLUU-97KQ2C

5.4 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.9%

JSON

Related for CVE-2013-7307

cvelist12 nvd12 prion12 cve11 nessus8 ibm2 openvas3 checkpoint_advisories1 debiancve1 cert1 cisco1 securityvulns2 checkpoint_security1 oracle1