CVE-2018-15428

A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
ciscoCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
VendorProductVersion
ciscoios_xr
6.0.1
ciscoios_xr
6.0.2
ciscoios_xr
6.1.1
ciscoios_xr
6.1.2
ciscoios_xr
6.1.3
ciscoios_xr
6.1.4
ciscoios_xr
6.2.1
ciscoios_xr
6.2.2
ciscoios_xr
6.2.3
ciscoios_xr
6.4.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securitytracker.com/id/1041790
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dos
http://www.securitytracker.com/id/1041790
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dos