CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence: Low
EPSS
Percentile: 50.4%
A vulnerability in the bgpd/bgp_attr.c file of FRRouting, a software tool for implementing network routing on Unix-like systems, is related to an out-of-bounds read in bgp_attr_aigp_valid, as there are no AIGP checks. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.
A vulnerability in the bgpd/bgp_label.c file of FRRouting, a software tool for implementing network routing on Unix-like systems, is related to an attempt to read beyond the end of a stream while parsing a labeled unicast. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.
A vulnerability in the bgpd/bgp_flowspec.c file of FRRouting, a software tool for implementing network routing on Unix-like systems, is related to the handling of invalid requests without attributes. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.
A vulnerability in FRRouting, a software tool for implementing network routing on Unix-like systems, is related to specially crafted hello messages with a unicast flag, an interval field equal to 0, or any TLV containing a sub-TLV with the Mandatory flag set, which cause it to enter an infinite loop. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.
A vulnerability in the bgpd/bgp_open.c file of FRRouting, a software tool for implementing network routing on Unix-like systems, is related to the lack of verification of the rcv software version length. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.
A vulnerability in FRRouting, a software tool for implementing network routing on Unix-like systems, is related to incorrect processing of a crafted BGP UPDATE message with the MP_UNREACH_NLRI attribute and additional NLRI data. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.
A vulnerability in FRRouting, a software tool for implementing network routing on Unix-like systems, is related to incorrect processing of a crafted BGP UPDATE message with EOR. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.
A vulnerability in FRRouting, a software tool for implementing network routing on Unix-like systems, is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service using a specially crafted file.
A vulnerability in the bgpd/bgp_packet.c file of FRRouting, a software tool for implementing network routing on Unix-like systems, is related to reading the initial byte of the ORF header in an ahead-of-stream situation. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.
A vulnerability in FRRouting, a software tool for implementing network routing on Unix-like systems, is related to insufficient validation of input data. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.