OSPF Protocol Vulnerability in VMware NSX-V Edge
CVE-2017-4920
5.9MEDIUM
Summary
The OSPF protocol implementation within VMware NSX-V Edge versions 6.2.x and 6.3.x has a significant issue when processing link-state advertisements (LSAs). This flaw allows a rogue LSA to be exploited, causing a loop or a loss of connectivity between routers as they continuously send LSAs to each other. This can lead to network instability and connectivity issues, affecting overall service reliability.
Affected Version(s)
NSX-V Edge 6.2.x prior to 6.2.8
NSX-V Edge 6.3.x prior to 6.3.3
References
CVSS V3.1
Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved