1. Home
  2. CVE Database
  3. CVE-2013-7314
MEDIUM · 6.8

CVE-2013-7314

The OSPF implementation on NEC IP38X, IX1000, IX2000, and IX3000 routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing...

Vulnerability Description

The OSPF implementation on NEC IP38X, IX1000, IX2000, and IX3000 routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
NecIp38X 1000-
NecIp38X 105-
NecIp38X 107E-
NecIp38X 1100-
NecIp38X 1200-
NecIp38X 140-
NecIp38X 1500-
NecIp38X 2000-
NecIp38X 250I-
NecIp38X 300-
NecIp38X 3000-
NecIp38X 810-

References

FAQ

What is CVE-2013-7314?

CVE-2013-7314 is a vulnerability with a CVSS score of 6.8 (MEDIUM). The OSPF implementation on NEC IP38X, IX1000, IX2000, and IX3000 routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing...

How severe is CVE-2013-7314?

CVE-2013-7314 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-7314?

Check the references section above for vendor advisories and patch information. Affected products include: Nec Ip38X 1000, Nec Ip38X 105, Nec Ip38X 107E, Nec Ip38X 1100, Nec Ip38X 1200.