CVE-2017-3752
Severity Score
8.2
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An industry-wide vulnerability has been identified in the implementation of the Open Shortest Path First (OSPF) routing protocol used on some Lenovo switches. Exploitation of these implementation flaws may result in attackers being able to erase or alter the routing tables of one or many routers, switches, or other devices that support OSPF within a routing domain.
Se ha identificado una vulnerabilidad que afecta a toda la industria en la implementación del protocolo de enrutamiento Open Shortest Path First (OSPF) empleado en algunos switches Lenovo. La explotación de estos fallos de implementación puede dar lugar a que los atacantes consigan borrar o alterar las tablas de de enrutamiento de uno o muchos routers, switches u otros dispositivos que son compatibles con OSPF en un dominio de enrutamiento.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-12-16 CVE Reserved
- 2017-08-09 CVE Published
- 2023-06-19 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/99995 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.lenovo.com/us/en/product_security/LEN-14078 | 2017-08-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | 1g L2-7 Slb Search vendor "Ibm" for product "1g L2-7 Slb" | <= 21.0.24.0 Search vendor "Ibm" for product "1g L2-7 Slb" and version " <= 21.0.24.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Flex System Search vendor "Ibm" for product "Flex System" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | 1:10g Firmware Search vendor "Ibm" for product "1:10g Firmware" | <= 7.4.16.0 Search vendor "Ibm" for product "1:10g Firmware" and version " <= 7.4.16.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Layer 2\/3 Copper Firmware Search vendor "Ibm" for product "Layer 2\/3 Copper Firmware" | <= 5.3.10.0 Search vendor "Ibm" for product "Layer 2\/3 Copper Firmware" and version " <= 5.3.10.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Virtual Fabric 10gb Search vendor "Ibm" for product "Virtual Fabric 10gb" | <= 7.8.12.0 Search vendor "Ibm" for product "Virtual Fabric 10gb" and version " <= 7.8.12.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Bladecenter Search vendor "Ibm" for product "Bladecenter" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | En2092 1gb Firmware Search vendor "Ibm" for product "En2092 1gb Firmware" | <= 7.8.16.0 Search vendor "Ibm" for product "En2092 1gb Firmware" and version " <= 7.8.16.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Flex System Search vendor "Ibm" for product "Flex System" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Fabric Cn4093 10gb Firmware Search vendor "Ibm" for product "Fabric Cn4093 10gb Firmware" | <= 7.8.16.0 Search vendor "Ibm" for product "Fabric Cn4093 10gb Firmware" and version " <= 7.8.16.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Flex System Search vendor "Ibm" for product "Flex System" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | Fabric En4093\/en4093r 10gb Firmware Search vendor "Ibm" for product "Fabric En4093\/en4093r 10gb Firmware" | <= 7.8.16.0 Search vendor "Ibm" for product "Fabric En4093\/en4093r 10gb Firmware" and version " <= 7.8.16.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Flex System Search vendor "Ibm" for product "Flex System" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | G8052 Firmware Search vendor "Ibm" for product "G8052 Firmware" | <= 7.9.19.0 Search vendor "Ibm" for product "G8052 Firmware" and version " <= 7.9.19.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Rackswitch Search vendor "Ibm" for product "Rackswitch" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | G8124 Firmware Search vendor "Ibm" for product "G8124 Firmware" | <= 7.11.9.0 Search vendor "Ibm" for product "G8124 Firmware" and version " <= 7.11.9.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Rackswitch Search vendor "Ibm" for product "Rackswitch" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | G8124e Firmware Search vendor "Ibm" for product "G8124e Firmware" | <= 7.11.9.0 Search vendor "Ibm" for product "G8124e Firmware" and version " <= 7.11.9.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Rackswitch Search vendor "Ibm" for product "Rackswitch" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | G8264 Firmware Search vendor "Ibm" for product "G8264 Firmware" | <= 7.9.19.0 Search vendor "Ibm" for product "G8264 Firmware" and version " <= 7.9.19.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Rackswitch Search vendor "Ibm" for product "Rackswitch" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | G8264cs Firmware Search vendor "Ibm" for product "G8264cs Firmware" | <= 7.8.16.0 Search vendor "Ibm" for product "G8264cs Firmware" and version " <= 7.8.16.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Rackswitch Search vendor "Ibm" for product "Rackswitch" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | G8264t Firmware Search vendor "Ibm" for product "G8264t Firmware" | <= 7.9.19.0 Search vendor "Ibm" for product "G8264t Firmware" and version " <= 7.9.19.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Rackswitch Search vendor "Ibm" for product "Rackswitch" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | G8316 Firmware Search vendor "Ibm" for product "G8316 Firmware" | <= 7.9.19.0 Search vendor "Ibm" for product "G8316 Firmware" and version " <= 7.9.19.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Rackswitch Search vendor "Ibm" for product "Rackswitch" | - | - |
Safe
|
| Ibm Search vendor "Ibm" | G8332 Firmware Search vendor "Ibm" for product "G8332 Firmware" | <= 7.7.25.0 Search vendor "Ibm" for product "G8332 Firmware" and version " <= 7.7.25.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Rackswitch Search vendor "Ibm" for product "Rackswitch" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Fabric Cn4093 10gb Firmware Search vendor "Lenovo" for product "Fabric Cn4093 10gb Firmware" | <= 8.4.3.0 Search vendor "Lenovo" for product "Fabric Cn4093 10gb Firmware" and version " <= 8.4.3.0" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Flex System Search vendor "Lenovo" for product "Flex System" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Fabric En4093r 10gb Firmware Search vendor "Lenovo" for product "Fabric En4093r 10gb Firmware" | <= 8.4.3.0 Search vendor "Lenovo" for product "Fabric En4093r 10gb Firmware" and version " <= 8.4.3.0" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Flex System Search vendor "Lenovo" for product "Flex System" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | Si4091 Firmware Search vendor "Lenovo" for product "Si4091 Firmware" | <= 8.4.3.0 Search vendor "Lenovo" for product "Si4091 Firmware" and version " <= 8.4.3.0" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Flex System Search vendor "Lenovo" for product "Flex System" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | G8052 Firmware Search vendor "Lenovo" for product "G8052 Firmware" | <= 8.4.3.0 Search vendor "Lenovo" for product "G8052 Firmware" and version " <= 8.4.3.0" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Rackswitch Search vendor "Lenovo" for product "Rackswitch" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | G8124e Firmware Search vendor "Lenovo" for product "G8124e Firmware" | <= 8.4.3.0 Search vendor "Lenovo" for product "G8124e Firmware" and version " <= 8.4.3.0" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Rackswitch Search vendor "Lenovo" for product "Rackswitch" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | G8264 Firmware Search vendor "Lenovo" for product "G8264 Firmware" | <= 8.4.3.0 Search vendor "Lenovo" for product "G8264 Firmware" and version " <= 8.4.3.0" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Rackswitch Search vendor "Lenovo" for product "Rackswitch" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | G8264cs Firmware Search vendor "Lenovo" for product "G8264cs Firmware" | <= 8.4.3.0 Search vendor "Lenovo" for product "G8264cs Firmware" and version " <= 8.4.3.0" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Rackswitch Search vendor "Lenovo" for product "Rackswitch" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | G8272 Firmware Search vendor "Lenovo" for product "G8272 Firmware" | <= 8.4.3.0 Search vendor "Lenovo" for product "G8272 Firmware" and version " <= 8.4.3.0" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Rackswitch Search vendor "Lenovo" for product "Rackswitch" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | G8296 Firmware Search vendor "Lenovo" for product "G8296 Firmware" | <= 8.4.3.0 Search vendor "Lenovo" for product "G8296 Firmware" and version " <= 8.4.3.0" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Rackswitch Search vendor "Lenovo" for product "Rackswitch" | - | - |
Safe
|
| Lenovo Search vendor "Lenovo" | G8332 Firmware Search vendor "Lenovo" for product "G8332 Firmware" | <= 8.4.3.0 Search vendor "Lenovo" for product "G8332 Firmware" and version " <= 8.4.3.0" | - |
Affected
| in | Lenovo Search vendor "Lenovo" | Rackswitch Search vendor "Lenovo" for product "Rackswitch" | - | - |
Safe
|