CVE-2023-31489

2023-05-0916:15:14

Google

osv.dev

frrouting bgpd v.8.4.2

denial of service

remote attacker

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.7%

JSON

An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function.

CPENameOperatorVersion
frreqbase_8.4
frreqfrr-5.1-de
frreqfrr-7.5-de
frreqfrr-3.0-rc1
frreqbase_8.3
frreqfrr-7.3-de
frreqfrr-8.4.2
frreqreindent-master-after
frreqfrr-7.1-de
frreqbase_8.0

Name	Operator	Version
frr	eq	base_8.4
frr	eq	frr-5.1-de
frr	eq	frr-7.5-de
frr	eq	frr-3.0-rc1
frr	eq	base_8.3
frr	eq	frr-7.3-de
frr	eq	frr-8.4.2
frr	eq	reindent-master-after
frr	eq	frr-7.1-de
frr	eq	base_8.0