CVE-2019-16019

EPSS 1.63%
Veröffentlicht 23.09.2020 01:15:13
Zuletzt bearbeitet 21.11.2024 04:29:56
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Ios Xr Version6.6.1

Cisco ≫ Ios Xr Version6.6.2

   Cisco ≫ Asr 9000 Version- HwPlatform-
   Cisco ≫ Asr 9000 Version- HwPlatformx64
   Cisco ≫ Asr 9010 Version- HwPlatform-
   Cisco ≫ Asr 9010 Version- HwPlatformx64
   Cisco ≫ Asr 9904 Version- HwPlatform-
   Cisco ≫ Asr 9904 Version- HwPlatformx64
   Cisco ≫ Asr 9910 Version- HwPlatform-
   Cisco ≫ Asr 9910 Version- HwPlatformx64
   Cisco ≫ Asr 9912 Version- HwPlatform-
   Cisco ≫ Asr 9912 Version- HwPlatformx64
   Cisco ≫ Asr 9922 Version- HwPlatform-
   Cisco ≫ Asr 9922 Version- HwPlatformx64
   Cisco ≫ Carrier Routing System Version-
   Cisco ≫ Ios Xrv 9000 Version-
   Cisco ≫ Ncs 5001 Version-
   Cisco ≫ Ncs 5002 Version-
   Cisco ≫ Ncs 5011 Version-
   Cisco ≫ Ncs 540 Version-
   Cisco ≫ Ncs 5500 Version-
   Cisco ≫ Ncs 6000 Version-

Cisco ≫ Ios Xr Version6.6.25

   Cisco ≫ Ncs 540 Version-
   Cisco ≫ Ncs 540l Version-
   Cisco ≫ Ncs 5500 Version-
   Cisco ≫ Ncs 560 Version-

Cisco ≫ Ios Xr Version7.0.1

   Cisco ≫ Asr 9000 Version- HwPlatformx64
   Cisco ≫ Asr 9010 Version- HwPlatformx64
   Cisco ≫ Asr 9904 Version- HwPlatformx64
   Cisco ≫ Asr 9910 Version- HwPlatformx64
   Cisco ≫ Asr 9912 Version- HwPlatformx64
   Cisco ≫ Asr 9922 Version- HwPlatformx64
   Cisco ≫ Ios Xrv 9000 Version-
   Cisco ≫ Ncs 1001 Version-
   Cisco ≫ Ncs 1002 Version-
   Cisco ≫ Ncs 1004 Version-
   Cisco ≫ Ncs 5001 Version-
   Cisco ≫ Ncs 5002 Version-
   Cisco ≫ Ncs 5011 Version-
   Cisco ≫ Ncs 540 Version-
   Cisco ≫ Ncs 540l Version-
   Cisco ≫ Ncs 5500 Version-
   Cisco ≫ Ncs 560 Version-
   Cisco ≫ Ncs 6000 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.63%	0.812

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.6	3.9	4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
psirt@cisco.com	8.6	3.9	4	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-16019

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-16019

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-16019

EUVD