OSPF Protocol Vulnerability in VMware NSX-V Edge
CVE-2017-4920

5.9MEDIUM

Key Information:

Vendor
Vmware
Vendor
CVE Published:
10 August 2017

Summary

The OSPF protocol implementation within VMware NSX-V Edge versions 6.2.x and 6.3.x has a significant issue when processing link-state advertisements (LSAs). This flaw allows a rogue LSA to be exploited, causing a loop or a loss of connectivity between routers as they continuously send LSAs to each other. This can lead to network instability and connectivity issues, affecting overall service reliability.

Affected Version(s)

NSX-V Edge 6.2.x prior to 6.2.8

NSX-V Edge 6.3.x prior to 6.3.3

References

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.