Lucene search

[email protected]CVE-2009-2056

HistoryOct 03, 2022 - 4:24 p.m.

CVE-2009-2056

2022-10-0316:24:05

CWE-264

[email protected]

web.nvd.nist.gov

cisco

ios xr

cve-2009-2056

denial of service

nvd

as path

bgp_update

process crash

3.3 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

MULTIPLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:M/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

41.9%

JSON

Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path.

Affected configurations

NVD

Node

ciscoios_xrRange≤3.8.1

ciscoios_xrMatch3.0

ciscoios_xrMatch3.0.1

ciscoios_xrMatch3.1

ciscoios_xrMatch3.1.0

ciscoios_xrMatch3.2

ciscoios_xrMatch3.2.1

ciscoios_xrMatch3.2.2

ciscoios_xrMatch3.2.3crs-1

ciscoios_xrMatch3.2.3prp

ciscoios_xrMatch3.2.4

ciscoios_xrMatch3.2.50

ciscoios_xrMatch3.3

ciscoios_xrMatch3.4

ciscoios_xrMatch3.4.0

ciscoios_xrMatch3.4.1

ciscoios_xrMatch3.4.2

ciscoios_xrMatch3.4.3

ciscoios_xrMatch3.5

ciscoios_xrMatch3.5.2

ciscoios_xrMatch3.5.3

ciscoios_xrMatch3.5.4

ciscoios_xrMatch3.6

ciscoios_xrMatch3.6.0

ciscoios_xrMatch3.6.1

ciscoios_xrMatch3.6.2

ciscoios_xrMatch3.6.3

ciscoios_xrMatch3.7

ciscoios_xrMatch3.7.0

ciscoios_xrMatch3.7.1

ciscoios_xrMatch3.7.2

ciscoios_xrMatch3.7.3

ciscoios_xrMatch3.8.0

CPENameOperatorVersion
cisco:ios_xrcisco ios xrle3.8.1
cisco:ios_xrcisco ios xreq3.0
cisco:ios_xrcisco ios xreq3.0.1
cisco:ios_xrcisco ios xreq3.1
cisco:ios_xrcisco ios xreq3.1.0
cisco:ios_xrcisco ios xreq3.2
cisco:ios_xrcisco ios xreq3.2.1
cisco:ios_xrcisco ios xreq3.2.2
cisco:ios_xrcisco ios xreq3.2.3
cisco:ios_xrcisco ios xreq3.2.4

CPE	Name	Operator	Version
cisco:ios_xr	cisco ios xr	le	3.8.1
cisco:ios_xr	cisco ios xr	eq	3.0
cisco:ios_xr	cisco ios xr	eq	3.0.1
cisco:ios_xr	cisco ios xr	eq	3.1
cisco:ios_xr	cisco ios xr	eq	3.1.0
cisco:ios_xr	cisco ios xr	eq	3.2
cisco:ios_xr	cisco ios xr	eq	3.2.1
cisco:ios_xr	cisco ios xr	eq	3.2.2
cisco:ios_xr	cisco ios xr	eq	3.2.3
cisco:ios_xr	cisco ios xr	eq	3.2.4