CVE-2017-3752

An industry-wide vulnerability has been identified in the implementation of the Open Shortest Path First (OSPF) routing protocol used on some Lenovo switches. Exploitation of these implementation flaws may result in attackers being able to erase or alter the routing tables of one or many routers, switches, or other devices that support OSPF within a routing domain.

CVSS v3.0 8.2 HIGH
CVSS v2.0 4.3 MEDIUM

8.2^/10

CVSS v3.0 : HIGH

Vector : AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:H

Exploitability : 1.6 / Impact : 6.0

Attack Vector ADJACENT_NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:A/AC:M/Au:N/C:N/I:P/A:P

Exploitability : 5.5 / Impact : 4.9

Access Vector ADJACENT_NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://support.lenovo.com/us/en/product_security/LEN-14078	Vendor Advisory
http://www.securityfocus.com/bid/99995	Third Party Advisory VDB Entry

Advertisement

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:ibm:1g_l2-7_slb:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:flex_system:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:ibm:1\:10g_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:bladecenter:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:ibm:layer_2\/3_copper_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:bladecenter:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:ibm:virtual_fabric_10gb:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:bladecenter:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:ibm:en2092_1gb_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:flex_system:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:ibm:fabric_cn4093_10gb_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:flex_system:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:ibm:fabric_en4093\/en4093r_10gb_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:flex_system:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:ibm:g8052_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:ibm:g8124_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:ibm:g8124e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:ibm:g8264_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:ibm:g8264cs_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:ibm:g8264t_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:ibm:g8316_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:ibm:g8332_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:lenovo:fabric_cn4093_10gb_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lenovo:flex_system:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:lenovo:fabric_en4093r_10gb_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lenovo:flex_system:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:lenovo:si4091_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lenovo:flex_system:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:lenovo:g8052_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lenovo:rackswitch:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:lenovo:g8124e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lenovo:rackswitch:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:lenovo:g8264_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lenovo:rackswitch:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:lenovo:g8264cs_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lenovo:rackswitch:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:lenovo:g8272_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lenovo:rackswitch:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:lenovo:g8296_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lenovo:rackswitch:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:lenovo:g8332_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:lenovo:rackswitch:-:*:*:*:*:*:*:*

Information

Published : 2017-08-09 14:29

Updated : 2017-08-30 10:50

NVD link : CVE-2017-3752

Mitre link : CVE-2017-3752

JSON object : View

CWE

CWE-20

Improper Input Validation

Advertisement

Products Affected

lenovo

g8296_firmware
rackswitch
g8264cs_firmware
g8272_firmware
g8332_firmware
si4091_firmware
g8124e_firmware
flex_system
g8052_firmware
fabric_en4093r_10gb_firmware
fabric_cn4093_10gb_firmware
g8264_firmware

ibm

1\
flex_system
fabric_en4093\/en4093r_10gb_firmware
rackswitch
fabric_cn4093_10gb_firmware
g8332_firmware
en2092_1gb_firmware
g8264t_firmware
g8124_firmware
g8316_firmware
layer_2\/3_copper_firmware
g8124e_firmware
bladecenter
virtual_fabric_10gb
g8264cs_firmware
g8264_firmware
1g_l2-7_slb
g8052_firmware

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://support.lenovo.com/us/en/product_security/LEN-14078", "name": "https://support.lenovo.com/us/en/product_security/LEN-14078", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/99995", "name": "99995", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "An industry-wide vulnerability has been identified in the implementation of the Open Shortest Path First (OSPF) routing protocol used on some Lenovo switches. Exploitation of these implementation flaws may result in attackers being able to erase or alter the routing tables of one or many routers, switches, or other devices that support OSPF within a routing domain."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2017-3752", "ASSIGNER": "psirt@lenovo.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 4.9, "obtainAllPrivilege": false, "exploitabilityScore": 5.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "CHANGED", "version": "3.0", "baseScore": 8.2, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 6.0, "exploitabilityScore": 1.6}}, "publishedDate": "2017-08-09T21:29Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:1g_l2-7_slb:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "21.0.24.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:flex_system:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:1\\:10g_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.4.16.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:bladecenter:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:layer_2\\/3_copper_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "5.3.10.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:bladecenter:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:virtual_fabric_10gb:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.8.12.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:bladecenter:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:en2092_1gb_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.8.16.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:flex_system:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:fabric_cn4093_10gb_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.8.16.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:flex_system:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:fabric_en4093\\/en4093r_10gb_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.8.16.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:flex_system:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:g8052_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.9.19.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:g8124_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.11.9.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:g8124e_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.11.9.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:g8264_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.9.19.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:g8264cs_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.8.16.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:g8264t_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.9.19.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:g8316_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.9.19.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:g8332_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.7.25.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:ibm:rackswitch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:lenovo:fabric_cn4093_10gb_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.4.3.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lenovo:flex_system:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:lenovo:fabric_en4093r_10gb_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.4.3.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lenovo:flex_system:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:lenovo:si4091_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.4.3.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lenovo:flex_system:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:lenovo:g8052_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.4.3.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:lenovo:g8124e_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.4.3.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:lenovo:g8264_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.4.3.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:lenovo:g8264cs_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.4.3.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:lenovo:g8272_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.4.3.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:lenovo:g8296_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.4.3.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:lenovo:g8332_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.4.3.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:lenovo:rackswitch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-30T17:50Z"}