CVE-2019-15989

CVSS v3 8.6 HIGH
CVSS v2.0 5.0 MEDIUM

8.6^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim’s BGP network on an existing, valid TCP connection to a BGP peer.

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos	Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:asr_9000v:-::::::x64:
	cpe:2.3:h:cisco:asr_9001:-::::::x64:
	cpe:2.3:h:cisco:asr_9006:-::::::x64:
	cpe:2.3:h:cisco:asr_9010:-::::::x64:
	cpe:2.3:h:cisco:asr_9901:-::::::x64:
	cpe:2.3:h:cisco:asr_9904:-::::::x64:
	cpe:2.3:h:cisco:asr_9906:-::::::x64:
	cpe:2.3:h:cisco:asr_9910:-::::::x64:
	cpe:2.3:h:cisco:asr_9912:-::::::x64:
	cpe:2.3:h:cisco:asr_9922:-::::::x64:
	cpe:2.3:h:cisco:ncs_540:-:::::::*
	cpe:2.3:h:cisco:ncs_5501:-:::::::*
	cpe:2.3:h:cisco:ncs_5501-se:-:::::::*
	cpe:2.3:h:cisco:ncs_5502:-:::::::*
	cpe:2.3:h:cisco:ncs_5502-se:-:::::::*
	cpe:2.3:h:cisco:ncs_5508:-:::::::*
	cpe:2.3:h:cisco:ncs_5516:-:::::::*
	cpe:2.3:h:cisco:ncs_6000:-:::::::*

Configuration 2 (hide)

AND

cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:asr_9000v:-:::::::*
	cpe:2.3:h:cisco:asr_9000v:-::::::x64:
	cpe:2.3:h:cisco:asr_9001:-:::::::*
	cpe:2.3:h:cisco:asr_9001:-::::::x64:
	cpe:2.3:h:cisco:asr_9006:-:::::::*
	cpe:2.3:h:cisco:asr_9006:-::::::x64:
	cpe:2.3:h:cisco:asr_9010:-:::::::*
	cpe:2.3:h:cisco:asr_9010:-::::::x64:
	cpe:2.3:h:cisco:asr_9901:-:::::::*
	cpe:2.3:h:cisco:asr_9901:-::::::x64:
	cpe:2.3:h:cisco:asr_9904:-:::::::*
	cpe:2.3:h:cisco:asr_9904:-::::::x64:
	cpe:2.3:h:cisco:asr_9906:-:::::::*
	cpe:2.3:h:cisco:asr_9906:-::::::x64:
	cpe:2.3:h:cisco:asr_9910:-:::::::*
	cpe:2.3:h:cisco:asr_9910:-::::::x64:
	cpe:2.3:h:cisco:asr_9912:-:::::::*
	cpe:2.3:h:cisco:asr_9912:-::::::x64:
	cpe:2.3:h:cisco:asr_9922:-:::::::*
	cpe:2.3:h:cisco:asr_9922:-::::::x64:
	cpe:2.3:h:cisco:crs:-:::::::*
	cpe:2.3:h:cisco:ncs_5501:-:::::::*
	cpe:2.3:h:cisco:ncs_5501-se:-:::::::*
	cpe:2.3:h:cisco:ncs_5502:-:::::::*
	cpe:2.3:h:cisco:ncs_5502-se:-:::::::*
	cpe:2.3:h:cisco:ncs_5508:-:::::::*
	cpe:2.3:h:cisco:ncs_5516:-:::::::*
	cpe:2.3:h:cisco:xrv_9000:-:::::::*

Configuration 3 (hide)

AND

cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:ncs_540:-:::::::*
	cpe:2.3:h:cisco:ncs_540l:-:::::::*
	cpe:2.3:h:cisco:ncs_5501:-:::::::*
	cpe:2.3:h:cisco:ncs_5501-se:-:::::::*
	cpe:2.3:h:cisco:ncs_5502:-:::::::*
	cpe:2.3:h:cisco:ncs_5502-se:-:::::::*
	cpe:2.3:h:cisco:ncs_5508:-:::::::*
	cpe:2.3:h:cisco:ncs_5516:-:::::::*
	cpe:2.3:h:cisco:ncs_560:-:::::::*
	cpe:2.3:h:cisco:ncs_6000:-:::::::*

Configuration 4 (hide)

AND

cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:asr_9000v:-::::::x64:
	cpe:2.3:h:cisco:asr_9001:-::::::x64:
	cpe:2.3:h:cisco:asr_9006:-::::::x64:
	cpe:2.3:h:cisco:asr_9010:-::::::x64:
	cpe:2.3:h:cisco:asr_9901:-::::::x64:
	cpe:2.3:h:cisco:asr_9904:-::::::x64:
	cpe:2.3:h:cisco:asr_9906:-::::::x64:
	cpe:2.3:h:cisco:asr_9910:-::::::x64:
	cpe:2.3:h:cisco:asr_9912:-::::::x64:
	cpe:2.3:h:cisco:asr_9922:-::::::x64:
	cpe:2.3:h:cisco:ncs_1001:-:::::::*
	cpe:2.3:h:cisco:ncs_1002:-:::::::*
	cpe:2.3:h:cisco:ncs_1004:-:::::::*
	cpe:2.3:h:cisco:ncs_5001:-:::::::*
	cpe:2.3:h:cisco:ncs_5002:-:::::::*
	cpe:2.3:h:cisco:ncs_540:-:::::::*
	cpe:2.3:h:cisco:ncs_540l:-:::::::*
	cpe:2.3:h:cisco:ncs_5501:-:::::::*
	cpe:2.3:h:cisco:ncs_5501-se:-:::::::*
	cpe:2.3:h:cisco:ncs_5502:-:::::::*
	cpe:2.3:h:cisco:ncs_5502-se:-:::::::*
	cpe:2.3:h:cisco:ncs_5508:-:::::::*
	cpe:2.3:h:cisco:ncs_5516:-:::::::*
	cpe:2.3:h:cisco:ncs_560:-:::::::*
	cpe:2.3:h:cisco:ncs_6000:-:::::::*
	cpe:2.3:h:cisco:xrv_9000:-:::::::*

History

21 Nov 2024, 04:29

Type	Values Removed	Values Added
References	~~() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos - Vendor Advisory~~	() https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos - Vendor Advisory

Information

Published : 2020-01-26 05:15

Updated : 2024-11-21 04:29

NVD link : CVE-2019-15989

Mitre link : CVE-2019-15989

CVE.ORG link : CVE-2019-15989

JSON object : View

Products Affected

cisco

CWE

CWE-754

Improper Check for Unusual or Exceptional Conditions

8.6 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2019-15989

8.6^/10

5.0^/10

Attach tags to `CVE-2019-15989`