3.3 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
MULTIPLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:M/C:N/I:N/A:P
6.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
44.2%
Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute.