Lucene search

[email protected]CVE-2013-7310

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-7310

2022-10-0316:14:53

[email protected]

web.nvd.nist.gov

yamaha routers

ospf

implementation

vulnerability

denial of service

routing disruption

sensitive packet information

nvd

cve-2013-7310

cve-2013-0149

5.4 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.7%

JSON

The OSPF implementation on Yamaha routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.

Affected configurations

NVD

Node

yamahafwx120Match-

yamahart105Match-

yamahart107eMatch-

yamahart140Match-

yamahart250iMatch-

yamahart300iMatch-

yamahartx1000Match-

yamahartx1100Match-

yamahartx1200Match-

yamahartx1500Match-

yamahartx2000Match-

yamahartx3000Match-

yamahartx810Match-

yamahasrt100Match-

CPENameOperatorVersion
yamaha:fwx120yamaha fwx120eq-
yamaha:rt105yamaha rt105eq-
yamaha:rt107eyamaha rt107eeq-
yamaha:rt140yamaha rt140eq-
yamaha:rt250iyamaha rt250ieq-
yamaha:rt300iyamaha rt300ieq-
yamaha:rtx1000yamaha rtx1000eq-
yamaha:rtx1100yamaha rtx1100eq-
yamaha:rtx1200yamaha rtx1200eq-
yamaha:rtx1500yamaha rtx1500eq-

CPE	Name	Operator	Version
yamaha:fwx120	yamaha fwx120	eq	-
yamaha:rt105	yamaha rt105	eq	-
yamaha:rt107e	yamaha rt107e	eq	-
yamaha:rt140	yamaha rt140	eq	-
yamaha:rt250i	yamaha rt250i	eq	-
yamaha:rt300i	yamaha rt300i	eq	-
yamaha:rtx1000	yamaha rtx1000	eq	-
yamaha:rtx1100	yamaha rtx1100	eq	-
yamaha:rtx1200	yamaha rtx1200	eq	-
yamaha:rtx1500	yamaha rtx1500	eq	-