Описание
Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.
Ссылки
- Mailing List
- Broken Link
- Broken Link
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken Link
- VDB EntryVendor Advisory
- Mailing List
- Broken Link
- Broken Link
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken Link
- VDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.4.0 (включая) до 3.9.1 (включая)
cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*
EPSS
Процентиль: 87%
0.03262
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.
EPSS
Процентиль: 87%
0.03262
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo