Описание
The BGP implementation in Cisco IOS 15.2, IOS XE 3.5.xS before 3.5.2S, and IOS XR 4.1.0 through 4.2.2 allows remote attackers to cause a denial of service (multiple connection resets) by leveraging a peer relationship and sending a malformed attribute, aka Bug IDs CSCtt35379, CSCty58300, CSCtz63248, and CSCtz62914.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:cisco:ios:15.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:3.5.0s:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:3.5.1s:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xr:4.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xr:4.1.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xr:4.1.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xr:4.2.0:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xr:4.2.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xr:4.2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00563
Низкий
7.1 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
The BGP implementation in Cisco IOS 15.2, IOS XE 3.5.xS before 3.5.2S, and IOS XR 4.1.0 through 4.2.2 allows remote attackers to cause a denial of service (multiple connection resets) by leveraging a peer relationship and sending a malformed attribute, aka Bug IDs CSCtt35379, CSCty58300, CSCtz63248, and CSCtz62914.
EPSS
Процентиль: 68%
0.00563
Низкий
7.1 High
CVSS2
Дефекты
CWE-20