7.5
CVE-2023-45886
- EPSS 1.43%
- Veröffentlicht 21.11.2023 06:15:42
- Zuletzt bearbeitet 21.11.2024 08:27:33
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The BGP daemon (bgpd) in IP Infusion ZebOS through 7.10.6 allow remote attackers to cause a denial of service by sending crafted BGP update messages containing a malformed attribute.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
F5 ≫ Big-ip Next Version20.0.1
F5 ≫ Big-ip Next Service Proxy For Kubernetes Version >= 1.5.0 <= 1.8.2
F5 ≫ Big-ip Next Cloud-native Network Functions Version >= 1.1.0 <= 1.1.1
F5 ≫ Big-ip Local Traffic Manager Version >= 13.1.0 <= 13.1.5
F5 ≫ Big-ip Local Traffic Manager Version >= 14.1.0 <= 14.1.5
F5 ≫ Big-ip Local Traffic Manager Version >= 15.1.0 <= 15.1.10
F5 ≫ Big-ip Local Traffic Manager Version >= 16.1.0 <= 16.1.4
F5 ≫ Big-ip Local Traffic Manager Version >= 17.1.0 <= 17.1.1
F5 ≫ Big-ip Global Traffic Manager Version >= 13.1.0 <= 13.1.5
F5 ≫ Big-ip Global Traffic Manager Version >= 14.1.0 <= 14.1.5
F5 ≫ Big-ip Global Traffic Manager Version >= 15.1.0 <= 15.1.10
F5 ≫ Big-ip Global Traffic Manager Version >= 16.1.0 <= 16.1.4
F5 ≫ Big-ip Global Traffic Manager Version >= 17.1.0 <= 17.1.1
Ipinfusion ≫ Zebos Version <= 7.10.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.43% | 0.694 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling
https://my.f5.com/manage/s/article/K000137315
https://www.ipinfusion.com/doc_prod_cat/zebos/
https://www.kb.cert.org/vuls/id/347067