cisco ios_xr 未加控制的资源消耗(资源穷尽)
CVE编号
CVE-2019-16023利用情况
暂无补丁情况
N/A披露时间
2020-09-23漏洞描述
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接 |
|
|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s... |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | cisco | ios_xr | 6.6.1 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | cisco | ios_xr | 6.6.2 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | cisco | ios_xr | 6.6.25 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | cisco | ios_xr | 7.0.1 | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | asr_9000 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | asr_9010 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | asr_9904 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | asr_9910 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | asr_9912 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | asr_9922 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | carrier_routing_system | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | ios_xrv_9000 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | ncs_1001 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | ncs_1002 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | ncs_1004 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | ncs_5001 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | ncs_5002 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | ncs_5011 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | ncs_540 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | ncs_540l | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | ncs_5500 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | ncs_560 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | cisco | ncs_6000 | - | - | |||||
- 攻击路径 网络
- 攻击复杂度 低
- 权限要求 无
- 影响范围 未更改
- 用户交互 无
- 可用性 高
- 保密性 无
- 完整性 无
| CWE-ID | 漏洞类型 |
| CWE-400 | 未加控制的资源消耗(资源穷尽) |
| NVD-CWE-noinfo |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论