Lucene search

[email protected]CVE-2009-2055

HistoryOct 03, 2022 - 4:24 p.m.

CVE-2009-2055

2022-10-0316:24:06

CWE-20

[email protected]

web.nvd.nist.gov

822

In Wild

cisco

ios xr

denial of service

bgp

cve-2009-2055

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.2%

JSON

Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.

Affected configurations

NVD

Node

ciscoios_xrMatch3.4

ciscoios_xrMatch3.4.0

ciscoios_xrMatch3.4.1

ciscoios_xrMatch3.4.2

ciscoios_xrMatch3.4.3

ciscoios_xrMatch3.5

ciscoios_xrMatch3.5.2

ciscoios_xrMatch3.5.3

ciscoios_xrMatch3.5.4

ciscoios_xrMatch3.6.0

ciscoios_xrMatch3.6.1

ciscoios_xrMatch3.6.2

ciscoios_xrMatch3.6.3

ciscoios_xrMatch3.7.0

ciscoios_xrMatch3.7.1

ciscoios_xrMatch3.7.2

ciscoios_xrMatch3.7.3

ciscoios_xrMatch3.8.0

ciscoios_xrMatch3.8.1

CPENameOperatorVersion
cisco:ios_xrcisco ios xreq3.4
cisco:ios_xrcisco ios xreq3.4.0
cisco:ios_xrcisco ios xreq3.4.1
cisco:ios_xrcisco ios xreq3.4.2
cisco:ios_xrcisco ios xreq3.4.3
cisco:ios_xrcisco ios xreq3.5
cisco:ios_xrcisco ios xreq3.5.2
cisco:ios_xrcisco ios xreq3.5.3
cisco:ios_xrcisco ios xreq3.5.4
cisco:ios_xrcisco ios xreq3.6.0

CPE	Name	Operator	Version
cisco:ios_xr	cisco ios xr	eq	3.4
cisco:ios_xr	cisco ios xr	eq	3.4.0
cisco:ios_xr	cisco ios xr	eq	3.4.1
cisco:ios_xr	cisco ios xr	eq	3.4.2
cisco:ios_xr	cisco ios xr	eq	3.4.3
cisco:ios_xr	cisco ios xr	eq	3.5
cisco:ios_xr	cisco ios xr	eq	3.5.2
cisco:ios_xr	cisco ios xr	eq	3.5.3
cisco:ios_xr	cisco ios xr	eq	3.5.4
cisco:ios_xr	cisco ios xr	eq	3.6.0