Lucene search

[email protected]CVE-2013-7309

HistoryJan 23, 2014 - 5:55 p.m.

CVE-2013-7309

2014-01-2317:55:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

extreme networks

exos

ospf

cve-2013-7309

denial of service

routing disruption

sensitive packet information

6.3 Medium

AI Score

Confidence

Low

5.4 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

51.5%

JSON

The OSPF implementation in Extreme Networks EXOS does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.

CPENameOperatorVersion
extremenetworks:exosextremenetworks exoseq-

CPE	Name	Operator	Version
extremenetworks:exos	extremenetworks exos	eq	-

References

www.kb.cert.org/vuls/id/229804

www.kb.cert.org/vuls/id/BLUU-985QSE

6.3 Medium

AI Score

Confidence

Low

5.4 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

51.5%

JSON

Related for CVE-2013-7309

cvelist12 prion12 debiancve1 nessus8 cert1 securityvulns2 cisco1 ibm2 cve11 checkpoint_advisories1 openvas3 checkpoint_security1 oracle1