CVE-2009-2055

CVSS 5.9 MEDIUM · EPSS 3.3% · KEV · CWE-20
In short

Cisco IOS XR is vulnerable to a denial of service when it receives a specially crafted BGP UPDATE message containing an invalid attribute. An unauthenticated remote attacker can use this to reset BGP sessions.

Technical detail

The vulnerability exists in the BGP protocol handler of Cisco IOS XR versions 3.4.0 through 3.8.1, where insufficient validation (CWE-20) of UPDATE message attributes allows a remote attacker to trigger a session reset. The attack vector is network-based (BGP) and requires no authentication; the impact is BGP session termination and a temporary loss of availability.

Summary generated and translated by AI from the official description.
Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
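As an added illustration of the defensive side of the validation problem described above (this is not Cisco's code, and the exact attribute that triggered the IOS XR defect is not stated on this page), the following receiver-side parser walks the Path Attributes field of a BGP UPDATE, bounds-checks every length before using it, and reports a malformed attribute as "treat-as-withdraw" (the RFC 7606 revised error handling) rather than resetting the session. The sample byte strings are constructed, not captured traffic.

```python
import struct
from dataclasses import dataclass, field

EXTENDED_LENGTH = 0x10  # attribute flag bit: length field is 2 bytes instead of 1

@dataclass
class ParseResult:
    attributes: list = field(default_factory=list)  # (flags, type_code, value) parsed so far
    action: str = "accept"                          # "accept" or "treat-as-withdraw"
    reason: str = ""

def parse_path_attributes(attrs: bytes) -> ParseResult:
    """Parse the Path Attributes field of a BGP UPDATE (RFC 4271 section 4.3).

    Each attribute is a TLV: flags (1 byte), type code (1 byte), length (1 or
    2 bytes, chosen by the Extended Length flag), value.  Every declared
    length is checked against the bytes actually present; on any mismatch the
    UPDATE is flagged treat-as-withdraw (RFC 7606) instead of tearing the
    session down, which is the failure mode CVE-2009-2055 describes.
    """
    parsed = []
    off = 0
    while off < len(attrs):
        if len(attrs) - off < 2:
            return ParseResult(parsed, "treat-as-withdraw", "truncated attribute header")
        flags, type_code = attrs[off], attrs[off + 1]
        off += 2
        width = 2 if flags & EXTENDED_LENGTH else 1
        if len(attrs) - off < width:
            return ParseResult(parsed, "treat-as-withdraw", "truncated length field")
        length = struct.unpack_from("!H", attrs, off)[0] if width == 2 else attrs[off]
        off += width
        if length > len(attrs) - off:
            return ParseResult(parsed, "treat-as-withdraw",
                               f"attribute type {type_code} declares {length} bytes, "
                               f"only {len(attrs) - off} remain")
        parsed.append((flags, type_code, attrs[off:off + length]))
        off += length
    return ParseResult(parsed, "accept")

# Constructed samples: ORIGIN=IGP followed by AS_PATH with one AS_SEQUENCE of AS 65000.
WELL_FORMED = bytes([0x40, 0x01, 0x01, 0x00,                    # ORIGIN, len 1, IGP
                     0x40, 0x02, 0x04, 0x02, 0x01, 0xFD, 0xE8])  # AS_PATH, len 4
# Same ORIGIN, then an AS_PATH whose declared length (0x20) exceeds the bytes present.
OVERLONG = WELL_FORMED[:4] + bytes([0x40, 0x02, 0x20, 0x02, 0x01])

if __name__ == "__main__":
    for name, sample in (("well-formed", WELL_FORMED), ("overlong", OVERLONG)):
        r = parse_path_attributes(sample)
        print(f"{name}: {r.action} {r.reason} ({len(r.attributes)} attributes parsed)")
```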
Affected products
n/a · n/a
