Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:43801
HistoryOct 12, 2023 - 3:27 p.m.

Denial Of Service

2023-10-1215:27:14
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
denial of service
libfrr.so
vulnerability
bgp open message

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

26.1%

libfrr.so is vulnerable to Denial Of Service attack. This is possible because of an inconsistent boundary check. Attackers can cause an out of bound read by BGP OPEN message with an option of type 0xff.

CPENameOperatorVersion
libfrr.sole0.0.0
libfrr.sole0.0.0

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

26.1%