CVE-2013-7306

Published: Jan 23, 2014Modified: Apr 29, 2026

5.4

Vector

AV:A/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 5.5 / Impact: 6.4

Source: NVD

Description

The OSPF implementation on Brocade routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.

Affected (11)

Products: Brocade: Adx, Bigiron Rx, Fastiron, Icx, Mlx, Netiron Cer, Netiron Ces, Netiron Xmr, Turboiron, Vdx, Vyatta

11 products

Configuration A

11 vulnerable

Vulnerable Software	Affected Versions
Brocade Adx	All versions
Brocade Bigiron Rx	All versions
Brocade Fastiron	All versions
Brocade Icx	All versions
Brocade Mlx	All versions
Brocade Netiron Cer	All versions
Brocade Netiron Ces	All versions
Brocade Netiron Xmr	All versions
Brocade Turboiron	All versions
Brocade Vdx	All versions
Brocade Vyatta	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

http://www.kb.cert.org/vuls/id/229804

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

http://www.kb.cert.org/vuls/id/BLUU-98MS25

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/229804

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

http://www.kb.cert.org/vuls/id/BLUU-98MS25

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.