CVE-2013-4806
HP/H3C Routers and Switches OSPF - Duplicate LSA Denial of Service
Title source: manualDescription
The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches; HP 3COM routers and switches; and HP H3C routers and switches does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote authenticated users to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
x_refsource_hp
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03880910
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/229804
Scores
EPSS
0.0024
EPSS Percentile
47.5%
Details
Status
published
Products (27)
hp/3com_router
3012
hp/3com_router
3018
hp/3com_router
5012
hp/3com_router
5232
hp/3com_router
5642
hp/3com_router
5642_taa
hp/3com_router
5682
hp/5500-24g-4sfp_hi_switch_with_2_interface_slots
jg311a
hp/5500-24g-poe_ei_switch
jd378a
hp/5500-24g-poe_si_switch
jd371a
... and 17 more
Published
Aug 12, 2013
Tracked Since
Feb 18, 2026