CVE-2017-3752 Information

Description

An industry-wide vulnerability has been identified in the implementation of the Open Shortest Path First (OSPF) routing protocol used on some Lenovo switches. Exploitation of these implementation flaws may result in attackers being able to erase or alter the routing tables of one or many routers switches or other devices that support OSPF within a routing domain.

CVSS Vector

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:H

Reference

http://www.securityfocus.com/bid/99995 https://support.lenovo.com/us/en/product_security/LEN-14078

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

HIGH

Base Score

HIGH

Base Severity

8.2