漏洞标题
Cisco IOS XE 软件边界网关协议资源公共密钥基础设施拒绝服务漏洞
漏洞描述信息
Cisco IOS XE软件边界网关协议资源公钥基础设施拒绝服务漏洞
CVSS信息
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
Cisco IOS XE Software Border Gateway Protocol Resource Public Key Infrastructure Denial of Service Vulnerability
漏洞描述信息
A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of a specific RPKI to Router (RTR) Protocol packet header. An attacker could exploit this vulnerability by compromising the RPKI validator server and sending a specifically crafted RTR packet to an affected device. Alternatively, the attacker could use man-in-the-middle techniques to impersonate the RPKI validator server and send a crafted RTR response packet over the established RTR TCP connection to the affected device. A successful exploit could allow the attacker to cause a DoS condition because the BGP process could constantly restart and BGP routing could become unstable.
CVSS信息
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
漏洞类别
可达断言
漏洞标题
Cisco IOS XR安全漏洞
漏洞描述信息
Cisco IOS XR是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS XR存在安全漏洞,该漏洞源于RPKI导致Cisco IOS XR致命错误,从而触发拒绝服务。
CVSS信息
N/A
漏洞类别
其他