CVE-2010-3035

Sažetak

Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.

Reference

http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html
http://osvdb.org/67696
http://secunia.com/advisories/41190
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml
http://www.securitytracker.com/id?1024371
http://www.vupen.com/english/advisories/2010/2227
https://exchange.xforce.ibmcloud.com/vulnerabilities/61443
http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html
http://osvdb.org/67696
http://secunia.com/advisories/41190
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml
http://www.securitytracker.com/id?1024371
http://www.vupen.com/english/advisories/2010/2227
https://exchange.xforce.ibmcloud.com/vulnerabilities/61443
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-3035

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

12-01-2026 - 21:15

Objavljeno

30-08-2010 - 21:00