⚠ Actively exploited

Added to CISA KEV on 2022-03-25. Federal agencies required to patch by 2022-04-15. Required action: Apply updates per vendor instructions..

CVE-2010-3035 — Improper Input Validation in Cisco IOS XR

CWE-399 CWE-20 — Improper Input Validation6 documents6 sources

Severity

7.5HIGHNVD

EPSS

3.2%

top 12.88%

CISA KEV

KEV

Added 2022-03-25

Due 2022-04-15

Exploit

Exploited in wild

Active exploitation observed

Affected products

Cisco IOS XR

Timeline

PublishedAug 30

KEV addedMar 25

KEV dueApr 15

Latest updateMay 17

CISA Required Action: Apply updates per vendor instructions.

Description

Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDcisco/ios_xr3.4.0 — 3.9.1

🔴Vulnerability Details

GHSA

GHSA-9q29-g37m-5wmp: Cisco IOS XR 3↗2022-05-17

▶

CVEList

CVE-2010-3035: Cisco IOS XR 3↗2010-08-30

▶

VulnCheck

Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability↗2010

▶

📋Vendor Advisories

CISA

Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability↗2022-03-25

▶

Cisco

Cisco IOS XR Software Border Gateway Protocol Vulnerability↗2010-08-28

▶