1. CVE-Search
  2. CVE-2013-4806
ID CVE-2013-4806
Summary The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches; HP 3COM routers and switches; and HP H3C routers and switches does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote authenticated users to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.
References
Vulnerable Configurations
  • cpe:2.3:h:hp:3com_router:3012:*:*:*:*:*:*:*
    cpe:2.3:h:hp:3com_router:3012:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:3com_router:3018:*:*:*:*:*:*:*
    cpe:2.3:h:hp:3com_router:3018:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:3com_router:5012:*:*:*:*:*:*:*
    cpe:2.3:h:hp:3com_router:5012:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:3com_router:5232:*:*:*:*:*:*:*
    cpe:2.3:h:hp:3com_router:5232:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:3com_router:5642:*:*:*:*:*:*:*
    cpe:2.3:h:hp:3com_router:5642:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:3com_router:5642_taa:*:*:*:*:*:*:*
    cpe:2.3:h:hp:3com_router:5642_taa:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:3com_router:5682:*:*:*:*:*:*:*
    cpe:2.3:h:hp:3com_router:5682:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:5500-24g-4sfp_hi_switch_with_2_interface_slots:jg311a:*:*:*:*:*:*:*
    cpe:2.3:h:hp:5500-24g-4sfp_hi_switch_with_2_interface_slots:jg311a:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:5500-24g-poe_ei_switch:jd378a:*:*:*:*:*:*:*
    cpe:2.3:h:hp:5500-24g-poe_ei_switch:jd378a:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:5500-24g-poe_si_switch:jd371a:*:*:*:*:*:*:*
    cpe:2.3:h:hp:5500-24g-poe_si_switch:jd371a:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:5500-24g-sfp_dc_ei_switch:jd379a:*:*:*:*:*:*:*
    cpe:2.3:h:hp:5500-24g-sfp_dc_ei_switch:jd379a:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:5500-24g-sfp_ei_switch:jd374a:*:*:*:*:*:*:*
    cpe:2.3:h:hp:5500-24g-sfp_ei_switch:jd374a:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:5500-24g_dc_ei_switch:jd373a:*:*:*:*:*:*:*
    cpe:2.3:h:hp:5500-24g_dc_ei_switch:jd373a:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:5500-24g_ei_switch:jd377a:*:*:*:*:*:*:*
    cpe:2.3:h:hp:5500-24g_ei_switch:jd377a:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:5500-24g_si_switch:jd369a:*:*:*:*:*:*:*
    cpe:2.3:h:hp:5500-24g_si_switch:jd369a:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:5500-48g-poe_ei_switch:jd376a:*:*:*:*:*:*:*
    cpe:2.3:h:hp:5500-48g-poe_ei_switch:jd376a:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:5500-48g-poe_si_switch:jd372a:*:*:*:*:*:*:*
    cpe:2.3:h:hp:5500-48g-poe_si_switch:jd372a:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:5500-48g_ei_switch:jd375a:*:*:*:*:*:*:*
    cpe:2.3:h:hp:5500-48g_ei_switch:jd375a:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:5500-48g_si_switch:jd370a:*:*:*:*:*:*:*
    cpe:2.3:h:hp:5500-48g_si_switch:jd370a:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:5500g-24_ei_10\/100\/1000_no_power_supply_unit_switch:jf551a:*:*:*:*:*:*:*
    cpe:2.3:h:hp:5500g-24_ei_10\/100\/1000_no_power_supply_unit_switch:jf551a:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:5500g-24_ei_sfp_no_power_supply_unit_switch:jf553a:*:*:*:*:*:*:*
    cpe:2.3:h:hp:5500g-24_ei_sfp_no_power_supply_unit_switch:jf553a:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:5500g-48_ei_10\/100\/1000_no_power_supply_unit_switch:jf552a:*:*:*:*:*:*:*
    cpe:2.3:h:hp:5500g-48_ei_10\/100\/1000_no_power_supply_unit_switch:jf552a:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:h3c_ethernet_switch:s5600-26c:*:*:*:*:*:*:*
    cpe:2.3:h:hp:h3c_ethernet_switch:s5600-26c:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:h3c_ethernet_switch:s5600-26c-pwr:*:*:*:*:*:*:*
    cpe:2.3:h:hp:h3c_ethernet_switch:s5600-26c-pwr:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:h3c_ethernet_switch:s5600-26f:*:*:*:*:*:*:*
    cpe:2.3:h:hp:h3c_ethernet_switch:s5600-26f:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:h3c_ethernet_switch:s5600-50c:*:*:*:*:*:*:*
    cpe:2.3:h:hp:h3c_ethernet_switch:s5600-50c:*:*:*:*:*:*:*
  • cpe:2.3:h:hp:h3c_ethernet_switch:s5600-50c-pwr:*:*:*:*:*:*:*
    cpe:2.3:h:hp:h3c_ethernet_switch:s5600-50c-pwr:*:*:*:*:*:*:*
CVSS
Base: 7.0 (as of 04-01-2014 - 04:49)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:S/C:P/I:N/A:C
refmap via4
cert-vn VU#229804
hp
  • HPSBHF02912
  • SSRT101224
Last major update 04-01-2014 - 04:49
Published 12-08-2013 - 10:58
Last modified 04-01-2014 - 04:49
Back to Top