High severity8.2NVD Advisory· Published Aug 9, 2017· Updated May 13, 2026

CVE-2017-3752

Description

An industry-wide vulnerability has been identified in the implementation of the Open Shortest Path First (OSPF) routing protocol used on some Lenovo switches. Exploitation of these implementation flaws may result in attackers being able to erase or alter the routing tables of one or many routers, switches, or other devices that support OSPF within a routing domain.

Affected products

IBM/1\
cpe:2.3:o:ibm:1\:10g_firmware:*:*:*:*:*:*:*:*
Range: <=7.4.16.0
IBM/1g L2 7 Slb
cpe:2.3:o:ibm:1g_l2-7_slb:*:*:*:*:*:*:*:*
Range: <=21.0.24.0
IBM/En2092 1gb Firmware
cpe:2.3:o:ibm:en2092_1gb_firmware:*:*:*:*:*:*:*:*
Range: <=7.8.16.0
IBM/Fabric Cn4093 10gb Firmware
cpe:2.3:o:ibm:fabric_cn4093_10gb_firmware:*:*:*:*:*:*:*:*
Range: <=7.8.16.0
IBM/Fabric En4093\/en4093r 10gb Firmware
cpe:2.3:o:ibm:fabric_en4093\/en4093r_10gb_firmware:*:*:*:*:*:*:*:*
Range: <=7.8.16.0
IBM/G8052 Firmware
cpe:2.3:o:ibm:g8052_firmware:*:*:*:*:*:*:*:*
Range: <=7.9.19.0
IBM/G8124e Firmware
cpe:2.3:o:ibm:g8124e_firmware:*:*:*:*:*:*:*:*
Range: <=7.11.9.0
IBM/G8124 Firmware
cpe:2.3:o:ibm:g8124_firmware:*:*:*:*:*:*:*:*
Range: <=7.11.9.0
IBM/G8264cs Firmware
cpe:2.3:o:ibm:g8264cs_firmware:*:*:*:*:*:*:*:*
Range: <=7.8.16.0
IBM/G8264 Firmware
cpe:2.3:o:ibm:g8264_firmware:*:*:*:*:*:*:*:*
Range: <=7.9.19.0
IBM/G8264t Firmware
cpe:2.3:o:ibm:g8264t_firmware:*:*:*:*:*:*:*:*
Range: <=7.9.19.0
IBM/G8316 Firmware
cpe:2.3:o:ibm:g8316_firmware:*:*:*:*:*:*:*:*
Range: <=7.9.19.0
IBM/G8332 Firmware
cpe:2.3:o:ibm:g8332_firmware:*:*:*:*:*:*:*:*
Range: <=7.7.25.0
IBM/Layer 2\/3 Copper Firmware
cpe:2.3:o:ibm:layer_2\/3_copper_firmware:*:*:*:*:*:*:*:*
Range: <=5.3.10.0
IBM/Virtual Fabric 10gb
cpe:2.3:o:ibm:virtual_fabric_10gb:*:*:*:*:*:*:*:*
Range: <=7.8.12.0
Lenovo/Fabric Cn4093 10gb Firmware
cpe:2.3:o:lenovo:fabric_cn4093_10gb_firmware:*:*:*:*:*:*:*:*
Range: <=8.4.3.0
Lenovo/Fabric En4093r 10gb Firmware
cpe:2.3:o:lenovo:fabric_en4093r_10gb_firmware:*:*:*:*:*:*:*:*
Range: <=8.4.3.0
Lenovo/G8052 Firmware
cpe:2.3:o:lenovo:g8052_firmware:*:*:*:*:*:*:*:*
Range: <=8.4.3.0
Lenovo/G8124e Firmware
cpe:2.3:o:lenovo:g8124e_firmware:*:*:*:*:*:*:*:*
Range: <=8.4.3.0
Lenovo/G8264cs Firmware
cpe:2.3:o:lenovo:g8264cs_firmware:*:*:*:*:*:*:*:*
Range: <=8.4.3.0
Lenovo/G8264 Firmware
cpe:2.3:o:lenovo:g8264_firmware:*:*:*:*:*:*:*:*
Range: <=8.4.3.0
Lenovo/G8272 Firmware
cpe:2.3:o:lenovo:g8272_firmware:*:*:*:*:*:*:*:*
Range: <=8.4.3.0
Lenovo/G8296 Firmware
cpe:2.3:o:lenovo:g8296_firmware:*:*:*:*:*:*:*:*
Range: <=8.4.3.0
Lenovo/G8332 Firmware
cpe:2.3:o:lenovo:g8332_firmware:*:*:*:*:*:*:*:*
Range: <=8.4.3.0
Lenovo/Si4091 Firmware
cpe:2.3:o:lenovo:si4091_firmware:*:*:*:*:*:*:*:*
Range: <=8.4.3.0
Lenovo Group Ltd./Lenovo and IBM Switch Productsv5
Range: Various

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/99995nvdThird Party AdvisoryVDB Entry
support.lenovo.com/us/en/product_security/LEN-14078nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.533
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000