6.1 Medium
AI Score
Confidence
Low
3.5 Low
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
0.004 Low
EPSS
Percentile
73.1%
It was discovered that Quagga did not correctly verify OPEN messages or
COMMUNITY attributes sent from configured peers. Malicious authenticated
remote peers could send a specially crafted message which would cause
bgpd to abort, leading to a denial of service.