Lucene search

K
cve[email protected]CVE-2023-41360
HistoryAug 29, 2023 - 4:15 a.m.

CVE-2023-41360

2023-08-2904:15:16
CWE-125
web.nvd.nist.gov
109
cve-2023-41360
frrouting
nvd
bgpd
security issue
orf header
ahead-of-stream

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.0%

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation.

Affected configurations

NVD
Node
frroutingfrroutingRange9.0
Node
debiandebian_linuxMatch10.0
Node
fedoraprojectfedoraMatch37
OR
fedoraprojectfedoraMatch38
OR
fedoraprojectfedoraMatch39
CPENameOperatorVersion
frrouting:frroutingfrroutingle9.0

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.0%