CVE-2013-7308

2014-01-2317:55:05

[email protected]

web.nvd.nist.gov

CVSS2

5.4

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

0.003

Percentile

69.9%

JSON

The OSPF implementation on the D-Link DES-3810-28 switch with firmware R2.20.B017 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.

Affected configurations

Nvd

Node

dlinkdes-3810-28_firmwareMatchr2.20.b017

AND

dlinkdes-3810-28Match-

VendorProductVersionCPE
dlinkdes-3810-28_firmwarer2.20.b017cpe:2.3:o:dlink:des-3810-28_firmware:r2.20.b017:*:*:*:*:*:*:*
dlinkdes-3810-28-cpe:2.3:h:dlink:des-3810-28:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
dlink	des-3810-28_firmware	r2.20.b017	cpe:2.3:o:dlink:des-3810-28_firmware:r2.20.b017:::::::*
dlink	des-3810-28	-	cpe:2.3:h:dlink:des-3810-28:-:::::::*