5.4

CVE-2013-7312

EPSS 1.08%
Published 23.01.2014 17:55:05
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

The OSPF implementation on Enterasys switches and routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.

Affected products Warnungen 0 Metrics 2 CWE 0 References 7

Data is provided by the National Vulnerability Database (NVD)

Enterasys ≫ C5 Version-

Enterasys ≫ G3 Version-

Enterasys ≫ K10 Version-

Enterasys ≫ K6 Version-

Enterasys ≫ S130 Version-

Enterasys ≫ S140 Version-

Enterasys ≫ S150 Version-

Enterasys ≫ S155 Version-

Enterasys ≫ S180 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.08%	0.771

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.4	5.5	6.4	AV:A/AC:M/Au:N/C:P/I:P/A:P

http://www.kb.cert.org/vuls/id/229804

US Government Resource

http://www.kb.cert.org/vuls/id/BLUU-985QS8

US Government Resource

https://community.enterasys.com/enterasys/topics/ensrt_product_advisory_vu_229804_ospf_lsa_lookup_identifers-il4n3

https://cp-enterasys.kb.net/article.aspx?article=15134&p=1

https://nvd.nist.gov/vuln/detail/CVE-2013-7312

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-7312

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-7312

EUVD