CVE-2010-3035
published 2010-08-30CVE-2010-3035: Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-04-15
Exploited in the wild
Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | ios_xr | — | — |
| cisco | ios_xr | 3.4.0 – 3.9.1 | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
vulncheck7.5HIGH
cisa7.5HIGH