Lucene search

PRIOn knowledge basePRION:CVE-2010-3035

HistoryAug 30, 2010 - 9:00 p.m.

Code injection

2010-08-3021:00:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.024 Low

EPSS

Percentile

89.7%

JSON

Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.

CPENameOperatorVersion
ios_xreq3.6.1
ios_xreq3.6.2
ios_xreq3.8.4
ios_xreq3.9.0
ios_xreq3.4.0
ios_xreq3.9.1
ios_xreq3.5.2
ios_xreq3.8.1
ios_xreq3.4.2
ios_xreq3.8.2

Name	Operator	Version
ios_xr	eq	3.6.1
ios_xr	eq	3.6.2
ios_xr	eq	3.8.4
ios_xr	eq	3.9.0
ios_xr	eq	3.4.0
ios_xr	eq	3.9.1
ios_xr	eq	3.5.2
ios_xr	eq	3.8.1
ios_xr	eq	3.4.2
ios_xr	eq	3.8.2

Rows per page:

1-10 of 221

References

mailman.nanog.org/pipermail/nanog/2010-August/024837.html

osvdb.org/67696

secunia.com/advisories/41190

www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml

www.securitytracker.com/id?1024371

www.vupen.com/english/advisories/2010/2227

exchange.xforce.ibmcloud.com/vulnerabilities/61443

7.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.024 Low

EPSS

Percentile

89.7%

JSON

Related for PRION:CVE-2010-3035