Lucene search

[email protected]NVD:CVE-2019-16018

HistoryJan 26, 2020 - 5:15 a.m.

CVE-2019-16018

2020-01-2605:15:14

CWE-399

CWE-400

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

50.4%

JSON

A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains crafted EVPN attributes. An attacker could indirectly exploit the vulnerability by sending BGP EVPN update messages with a specific, malformed attribute to an affected system and waiting for a user on the device to display the EVPN operational routes’ status. If successful, the attacker could cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim’s BGP network on an existing, valid TCP connection to a BGP peer.

Affected configurations

Nvd

Node

ciscoios_xrMatch6.6.1

AND

ciscoasr_9000vMatch-x64

ciscoasr_9001Match-x64

ciscoasr_9006Match-x64

ciscoasr_9010Match-x64

ciscoasr_9901Match-x64

ciscoasr_9904Match-x64

ciscoasr_9906Match-x64

ciscoasr_9910Match-x64

ciscoasr_9912Match-x64

ciscoasr_9922Match-x64

cisconcs_540Match-

cisconcs_5501Match-

cisconcs_5501-seMatch-

cisconcs_5502Match-

cisconcs_5502-seMatch-

cisconcs_5508Match-

cisconcs_5516Match-

cisconcs_6000Match-

Node

ciscoios_xrMatch6.6.2

AND

ciscoasr_9000vMatch-

ciscoasr_9000vMatch-x64

ciscoasr_9001Match-

ciscoasr_9001Match-x64

ciscoasr_9006Match-

ciscoasr_9006Match-x64

ciscoasr_9010Match-

ciscoasr_9010Match-x64

ciscoasr_9901Match-

ciscoasr_9901Match-x64

ciscoasr_9904Match-

ciscoasr_9904Match-x64

ciscoasr_9906Match-

ciscoasr_9906Match-x64

ciscoasr_9910Match-

ciscoasr_9910Match-x64

ciscoasr_9912Match-

ciscoasr_9912Match-x64

ciscoasr_9922Match-

ciscoasr_9922Match-x64

ciscocrsMatch-

cisconcs_5501Match-

cisconcs_5501-seMatch-

cisconcs_5502Match-

cisconcs_5502-seMatch-

cisconcs_5508Match-

cisconcs_5516Match-

ciscoxrv_9000Match-

Node

ciscoios_xrMatch6.6.25

AND

cisconcs_540Match-

cisconcs_540lMatch-

cisconcs_5501Match-

cisconcs_5501-seMatch-

cisconcs_5502Match-

cisconcs_5502-seMatch-

cisconcs_5508Match-

cisconcs_5516Match-

cisconcs_560Match-

cisconcs_6000Match-

Node

ciscoios_xrMatch7.0.1

AND

ciscoasr_9000vMatch-x64

ciscoasr_9001Match-x64

ciscoasr_9006Match-x64

ciscoasr_9010Match-x64

ciscoasr_9901Match-x64

ciscoasr_9904Match-x64

ciscoasr_9906Match-x64

ciscoasr_9910Match-x64

ciscoasr_9912Match-x64

ciscoasr_9922Match-x64

cisconcs_1001Match-

cisconcs_1002Match-

cisconcs_1004Match-

cisconcs_5001Match-

cisconcs_5002Match-

cisconcs_540Match-

cisconcs_540lMatch-

cisconcs_5501Match-

cisconcs_5501-seMatch-

cisconcs_5502Match-

cisconcs_5502-seMatch-

cisconcs_5508Match-

cisconcs_5516Match-

cisconcs_560Match-

cisconcs_6000Match-

ciscoxrv_9000Match-

VendorProductVersionCPE
ciscoios_xr6.6.1cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*
ciscoasr_9000v-cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*
ciscoasr_9001-cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*
ciscoasr_9006-cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*
ciscoasr_9010-cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*
ciscoasr_9901-cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*
ciscoasr_9904-cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*
ciscoasr_9906-cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*
ciscoasr_9910-cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*
ciscoasr_9912-cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*

Vendor	Product	Version	CPE
cisco	ios_xr	6.6.1	cpe:2.3:o:cisco:ios_xr:6.6.1:::::::*
cisco	asr_9000v	-	cpe:2.3:h:cisco:asr_9000v:-::::::x64:
cisco	asr_9001	-	cpe:2.3:h:cisco:asr_9001:-::::::x64:
cisco	asr_9006	-	cpe:2.3:h:cisco:asr_9006:-::::::x64:
cisco	asr_9010	-	cpe:2.3:h:cisco:asr_9010:-::::::x64:
cisco	asr_9901	-	cpe:2.3:h:cisco:asr_9901:-::::::x64:
cisco	asr_9904	-	cpe:2.3:h:cisco:asr_9904:-::::::x64:
cisco	asr_9906	-	cpe:2.3:h:cisco:asr_9906:-::::::x64:
cisco	asr_9910	-	cpe:2.3:h:cisco:asr_9910:-::::::x64:
cisco	asr_9912	-	cpe:2.3:h:cisco:asr_9912:-::::::x64:

Rows per page:

1-10 of 411

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

50.4%

JSON

Related for NVD:CVE-2019-16018

prion1 nessus1 cvelist1 cisco1 cve1