CVE-2013-4806

The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches; HP 3COM routers and switches; and HP H3C routers and switches does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote authenticated users to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.
Configurations

Configuration 1 (hide)

OR cpe:2.3:h:hp:3com_router:3012:*:*:*:*:*:*:*
cpe:2.3:h:hp:3com_router:3018:*:*:*:*:*:*:*
cpe:2.3:h:hp:3com_router:5012:*:*:*:*:*:*:*
cpe:2.3:h:hp:3com_router:5232:*:*:*:*:*:*:*
cpe:2.3:h:hp:3com_router:5642:*:*:*:*:*:*:*
cpe:2.3:h:hp:3com_router:5642_taa:*:*:*:*:*:*:*
cpe:2.3:h:hp:3com_router:5682:*:*:*:*:*:*:*
cpe:2.3:h:hp:5500-24g-4sfp_hi_switch_with_2_interface_slots:jg311a:*:*:*:*:*:*:*
cpe:2.3:h:hp:5500-24g-poe_ei_switch:jd378a:*:*:*:*:*:*:*
cpe:2.3:h:hp:5500-24g-poe_si_switch:jd371a:*:*:*:*:*:*:*
cpe:2.3:h:hp:5500-24g-sfp_dc_ei_switch:jd379a:*:*:*:*:*:*:*
cpe:2.3:h:hp:5500-24g-sfp_ei_switch:jd374a:*:*:*:*:*:*:*
cpe:2.3:h:hp:5500-24g_dc_ei_switch:jd373a:*:*:*:*:*:*:*
cpe:2.3:h:hp:5500-24g_ei_switch:jd377a:*:*:*:*:*:*:*
cpe:2.3:h:hp:5500-24g_si_switch:jd369a:*:*:*:*:*:*:*
cpe:2.3:h:hp:5500-48g-poe_ei_switch:jd376a:*:*:*:*:*:*:*
cpe:2.3:h:hp:5500-48g-poe_si_switch:jd372a:*:*:*:*:*:*:*
cpe:2.3:h:hp:5500-48g_ei_switch:jd375a:*:*:*:*:*:*:*
cpe:2.3:h:hp:5500-48g_si_switch:jd370a:*:*:*:*:*:*:*
cpe:2.3:h:hp:5500g-24_ei_10\/100\/1000_no_power_supply_unit_switch:jf551a:*:*:*:*:*:*:*
cpe:2.3:h:hp:5500g-24_ei_sfp_no_power_supply_unit_switch:jf553a:*:*:*:*:*:*:*
cpe:2.3:h:hp:5500g-48_ei_10\/100\/1000_no_power_supply_unit_switch:jf552a:*:*:*:*:*:*:*
cpe:2.3:h:hp:h3c_ethernet_switch:s5600-26c:*:*:*:*:*:*:*
cpe:2.3:h:hp:h3c_ethernet_switch:s5600-26c-pwr:*:*:*:*:*:*:*
cpe:2.3:h:hp:h3c_ethernet_switch:s5600-26f:*:*:*:*:*:*:*
cpe:2.3:h:hp:h3c_ethernet_switch:s5600-50c:*:*:*:*:*:*:*
cpe:2.3:h:hp:h3c_ethernet_switch:s5600-50c-pwr:*:*:*:*:*:*:*

History

21 Nov 2024, 01:56

Type Values Removed Values Added
References () http://www.kb.cert.org/vuls/id/229804 - US Government Resource () http://www.kb.cert.org/vuls/id/229804 - US Government Resource
References () https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03880910 - Vendor Advisory () https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03880910 - Vendor Advisory

Information

Published : 2013-08-12 10:58

Updated : 2024-11-21 01:56


NVD link : CVE-2013-4806

Mitre link : CVE-2013-4806

CVE.ORG link : CVE-2013-4806


JSON object : View

Products Affected

hp

  • 5500g-24_ei_10\/100\/1000_no_power_supply_unit_switch
  • 5500-48g_ei_switch
  • 5500g-48_ei_10\/100\/1000_no_power_supply_unit_switch
  • 5500g-24_ei_sfp_no_power_supply_unit_switch
  • 5500-24g-sfp_dc_ei_switch
  • 3com_router
  • 5500-24g-poe_ei_switch
  • 5500-24g-sfp_ei_switch
  • 5500-24g_ei_switch
  • 5500-24g_si_switch
  • 5500-48g-poe_ei_switch
  • 5500-24g-4sfp_hi_switch_with_2_interface_slots
  • 5500-48g-poe_si_switch
  • 5500-24g-poe_si_switch
  • 5500-24g_dc_ei_switch
  • 5500-48g_si_switch
  • h3c_ethernet_switch