CVE-2017-4920

CVE Database · CVE-2017-4920

CVE-2017-4920

· N/AModified

CVSS v3.1

N/A

EPSS

1.13%

Published

Dec 5, 2017

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The implementation of the OSPF protocol in VMware NSX-V Edge 6.2.x prior to 6.2.8 and NSX-V Edge 6.3.x prior to 6.3.3 doesn't correctly handle the link-state advertisement (LSA). A rogue LSA may exploit this issue resulting in continuous sending of LSAs between two routers eventually going in loop or loss of connectivity.

Weaknesses (CWE)

CWE-400

Affected Products (2)

vmware · nsx-v_edge (up to 6.2.8)vulnerable

vmware · nsx-v_edge (up to 6.3.3)vulnerable

References (4)

http://www.securityfocus.com/bid/100277

Third Party AdvisoryVDB Entry

https://www.vmware.com/security/advisories/VMSA-2017-0014.html

Vendor Advisory

http://www.securityfocus.com/bid/100277

Third Party AdvisoryVDB Entry

https://www.vmware.com/security/advisories/VMSA-2017-0014.html

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs