CVE-2013-4806

Name: CVE-2013-4806
Creator: NVD / NIST
Published: 2013-08-12T10:58:49.527+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.92%

Last modified Jun 16, 2026

CVE-2013-4806 is a vulnerability of currently unknown severity. The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches; HP 3COM routers and switches; and HP H3C routers and switches does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote authenticated users to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.. EPSS estimates a 1.92% chance of exploitation in the next 30 days.

Description

The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches; HP 3COM routers and switches; and HP H3C routers and switches does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote authenticated users to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.

Metrics

EPSS Probability

1.92%

77.2th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Hp	3com Router	3012
Hp	3com Router	3018
Hp	3com Router	5012
Hp	3com Router	5232
Hp	3com Router	5642
Hp	3com Router	5642_taa
Hp	3com Router	5682
Hp	5500-24g-4sfp Hi Switch With 2 Interface Slots	jg311a
Hp	5500-24g-Poe Ei Switch	jd378a
Hp	5500-24g-Poe Si Switch	jd371a
Hp	5500-24g-Sfp Dc Ei Switch	jd379a
Hp	5500-24g-Sfp Ei Switch	jd374a
Hp	5500-24g Dc Ei Switch	jd373a
Hp	5500-24g Ei Switch	jd377a
Hp	5500-24g Si Switch	jd369a
Hp	5500-48g-Poe Ei Switch	jd376a
Hp	5500-48g-Poe Si Switch	jd372a
Hp	5500-48g Ei Switch	jd375a
Hp	5500-48g Si Switch	jd370a
Hp	5500g-24 Ei 10\/100\/1000 No Power Supply Unit Switch	jf551a
Hp	5500g-24 Ei Sfp No Power Supply Unit Switch	jf553a
Hp	5500g-48 Ei 10\/100\/1000 No Power Supply Unit Switch	jf552a
Hp	H3c Ethernet Switch	s5600-26c
Hp	H3c Ethernet Switch	s5600-26c-pwr
Hp	H3c Ethernet Switch	s5600-26f
Hp	H3c Ethernet Switch	s5600-50c
Hp	H3c Ethernet Switch	s5600-50c-pwr

References

http://www.kb.cert.org/vuls/id/229804US Government Resource
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03880910Vendor Advisory
http://www.kb.cert.org/vuls/id/229804US Government Resource
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03880910Vendor Advisory

Timeline

Published: Aug 12, 2013
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2013-4806?

How severe is CVE-2013-4806?

Severity scoring for CVE-2013-4806 is pending analysis. The EPSS model estimates a 1.92% probability of exploitation in the next 30 days.

How do I fix CVE-2013-4806?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-4806?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST