CVE-2019-16023
Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
Múltiples vulnerabilidades en la implementación de la funcionalidad de Border Gateway Protocol (BGP) Ethernet VPN (EVPN) en Cisco IOS XR Software, podrían permitir a un atacante no autenticado remoto causar una condición de denegación de servicio (DoS). Las vulnerabilidades son debido al procesamiento incorrecto de los mensajes de actualización de BGP que contienen atributos EVPN diseñados. Un atacante podría explotar estas vulnerabilidades mediante el envío de mensajes de actualización de BGP EVPN con atributos malformados para que sean procesados por un sistema afectado. Una explotación con éxito podría permitir a un atacante causar que el proceso BGP se reiniciara inesperadamente, resultando en una condición DoS. La implementación de Cisco de BGP acepta tráfico BGP entrante solo de peers definidos explícitamente. Para explotar estas vulnerabilidades, el mensaje de actualización de BGP malicioso debería provenir de un peer BGP válido configurado, o necesitaría ser inyectado por el atacante en la red BGP de la víctima en una conexión TCP válida existente a un peer BGP
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-09-06 CVE Reserved
- 2020-09-23 CVE Published
- 2023-06-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.1 Search vendor "Cisco" for product "Ios Xr" and version "6.6.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9000 Search vendor "Cisco" for product "Asr 9000" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.1 Search vendor "Cisco" for product "Ios Xr" and version "6.6.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9010 Search vendor "Cisco" for product "Asr 9010" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.1 Search vendor "Cisco" for product "Ios Xr" and version "6.6.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9904 Search vendor "Cisco" for product "Asr 9904" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.1 Search vendor "Cisco" for product "Ios Xr" and version "6.6.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9910 Search vendor "Cisco" for product "Asr 9910" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.1 Search vendor "Cisco" for product "Ios Xr" and version "6.6.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9912 Search vendor "Cisco" for product "Asr 9912" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.1 Search vendor "Cisco" for product "Ios Xr" and version "6.6.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9922 Search vendor "Cisco" for product "Asr 9922" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.1 Search vendor "Cisco" for product "Ios Xr" and version "6.6.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 540 Search vendor "Cisco" for product "Ncs 540" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.1 Search vendor "Cisco" for product "Ios Xr" and version "6.6.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 5500 Search vendor "Cisco" for product "Ncs 5500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.1 Search vendor "Cisco" for product "Ios Xr" and version "6.6.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 6000 Search vendor "Cisco" for product "Ncs 6000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9000 Search vendor "Cisco" for product "Asr 9000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9000 Search vendor "Cisco" for product "Asr 9000" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9010 Search vendor "Cisco" for product "Asr 9010" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9010 Search vendor "Cisco" for product "Asr 9010" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9904 Search vendor "Cisco" for product "Asr 9904" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9904 Search vendor "Cisco" for product "Asr 9904" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9910 Search vendor "Cisco" for product "Asr 9910" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9910 Search vendor "Cisco" for product "Asr 9910" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9912 Search vendor "Cisco" for product "Asr 9912" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9912 Search vendor "Cisco" for product "Asr 9912" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9922 Search vendor "Cisco" for product "Asr 9922" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9922 Search vendor "Cisco" for product "Asr 9922" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Carrier Routing System Search vendor "Cisco" for product "Carrier Routing System" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ios Xrv 9000 Search vendor "Cisco" for product "Ios Xrv 9000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 5001 Search vendor "Cisco" for product "Ncs 5001" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 5002 Search vendor "Cisco" for product "Ncs 5002" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 5011 Search vendor "Cisco" for product "Ncs 5011" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 540 Search vendor "Cisco" for product "Ncs 540" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 5500 Search vendor "Cisco" for product "Ncs 5500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.2 Search vendor "Cisco" for product "Ios Xr" and version "6.6.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 6000 Search vendor "Cisco" for product "Ncs 6000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.25 Search vendor "Cisco" for product "Ios Xr" and version "6.6.25" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 540 Search vendor "Cisco" for product "Ncs 540" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.25 Search vendor "Cisco" for product "Ios Xr" and version "6.6.25" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 540l Search vendor "Cisco" for product "Ncs 540l" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.25 Search vendor "Cisco" for product "Ios Xr" and version "6.6.25" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 5500 Search vendor "Cisco" for product "Ncs 5500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 6.6.25 Search vendor "Cisco" for product "Ios Xr" and version "6.6.25" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 560 Search vendor "Cisco" for product "Ncs 560" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9000 Search vendor "Cisco" for product "Asr 9000" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9010 Search vendor "Cisco" for product "Asr 9010" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9904 Search vendor "Cisco" for product "Asr 9904" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9910 Search vendor "Cisco" for product "Asr 9910" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9912 Search vendor "Cisco" for product "Asr 9912" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9922 Search vendor "Cisco" for product "Asr 9922" | - | x64 |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ios Xrv 9000 Search vendor "Cisco" for product "Ios Xrv 9000" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 1001 Search vendor "Cisco" for product "Ncs 1001" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 1002 Search vendor "Cisco" for product "Ncs 1002" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 1004 Search vendor "Cisco" for product "Ncs 1004" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 5001 Search vendor "Cisco" for product "Ncs 5001" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 5002 Search vendor "Cisco" for product "Ncs 5002" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 5011 Search vendor "Cisco" for product "Ncs 5011" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 540 Search vendor "Cisco" for product "Ncs 540" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 540l Search vendor "Cisco" for product "Ncs 540l" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 5500 Search vendor "Cisco" for product "Ncs 5500" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 560 Search vendor "Cisco" for product "Ncs 560" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 7.0.1 Search vendor "Cisco" for product "Ios Xr" and version "7.0.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ncs 6000 Search vendor "Cisco" for product "Ncs 6000" | - | - |
Safe
|