CVE-2013-7311

2022-10-0316:14:53

[email protected]

web.nvd.nist.gov

check point

gaia

ospf

ipso

r75.x

r76

cve-2013-7311

denial of service

routing disruption

sensitive packet information

5.4 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.6%

JSON

The OSPF implementation in Check Point Gaia OS R75.X and R76 and IPSO OS 6.2 R75.X and R76 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.

Affected configurations

NVD

Node

checkpointgaia_osMatchr75.0

checkpointgaia_osMatchr76.0

checkpointipso_osMatch6.2

CPENameOperatorVersion
checkpoint:gaia_oscheckpoint gaia oseqr75.0
checkpoint:gaia_oscheckpoint gaia oseqr76.0
checkpoint:ipso_oscheckpoint ipso oseq6.2