CVE-2013-3595 — MEDIUM (6.8)

Vulnerability Description

The OpenManage web application 2.5 build 1.19 on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and 5324 2.0.1.4 switches allows remote authenticated users to cause a denial of service (device reset) via a direct request to an unspecified OSPF URL.

CVSS Score

6.8

MEDIUM

AV:N/AC:L/Au:S/C:N/I:N/A:C

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Dell	Powerconnect 3348	1.2.1.3
Dell	Powerconnect 3524P	2.0.0.48
Dell	Powerconnect 5324	2.0.1.4

Related Weaknesses (CWE)

CWE-20

References

http://www.kb.cert.org/vuls/id/122582Third Party AdvisoryUS Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/90597
http://www.kb.cert.org/vuls/id/122582Third Party AdvisoryUS Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/90597

FAQ

What is CVE-2013-3595?

CVE-2013-3595 is a vulnerability with a CVSS score of 6.8 (MEDIUM). The OpenManage web application 2.5 build 1.19 on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and 5324 2.0.1.4 switches allows remote authenticated users to cause a denial of service (device reset)...

How severe is CVE-2013-3595?

CVE-2013-3595 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-3595?

Check the references section above for vendor advisories and patch information. Affected products include: Dell Powerconnect 3348, Dell Powerconnect 3524P, Dell Powerconnect 5324.