MEDIUM🇵🇱 Wersja polska

CVE-2013-7309

CVSS 5.4v2.0pub. 2014-01-23upd. 2026-04-29

The OSPF implementation in Extreme Networks EXOS does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.

CVSS Vector
AV:A/AC:M/Au:N/C:P/I:P/A:P
  • Extremenetworks Exos

    OS
    Extremenetworks
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2023-43119CRITICAL9.8ten sam produkt

An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also fixed in 22....

CVE-2023-43118HIGH8.8ten sam produkt

Cross Site Request Forgery (CSRF) vulnerability in Chalet application in Extreme Networks Switch Engine (EXOS)...

CVE-2023-43120HIGH8.8ten sam produkt

An issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, before 22.7 and before 31.7.1 al...

CVE-2023-43121HIGH7.5ten sam produkt

A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine (EXOS) ...

CVE-2024-38292CRITICAL9.8PL ✓ten sam vendor

Path traversal w Extreme Networks XIQ-SE umożliwiający privilege escalation