PT-2014-2690 · Dell · Powerconnect 3524P+3

Published: 2014-01-20 · Updated: 2017-08-29 · CVE-2013-3595

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Dell PowerConnect switches, including:

OpenManage web application version 2.5 build 1.19
Dell PowerConnect 3348 version 1.2.1.3
Dell PowerConnect 3524p version 2.0.0.48
Dell PowerConnect 5324 version 2.0.1.4

Description

The issue allows remote authenticated users to cause a denial of service, resulting in a device reset, by sending a direct request to an unspecified OSPF URL.

Recommendations

For OpenManage web application version 2.5 build 1.19, restrict access to the OSPF URL to minimize the risk of exploitation.
For Dell PowerConnect 3348 version 1.2.1.3, consider disabling remote access until a fix is available.
For Dell PowerConnect 3524p version 2.0.0.48, limit user privileges to reduce the impact of a potential denial of service.
For Dell PowerConnect 5324 version 2.0.1.4, avoid using the OSPF protocol until the issue is resolved.

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2013-3595

Affected Products

Openmanage
Powerconnect 3348
Powerconnect 3524P
Powerconnect 5324