Back to KEVs

CVE-2009-2055

Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid...

Basic Information

CVE State
PUBLISHED
Reserved Date
June 12, 2009
Published Date
August 19, 2009
Last Updated
November 15, 2024
Vendor
n/a
Product
n/a
Description
Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.

CVSS Scores

SSVC Information

Exploitation
active
Technical Impact
partial

Exploit Status

Exploited in the Wild
Yes (added 2022-03-25 00:00:00 UTC) Source

References

http://mailman.nanog.org/pipermail/nanog/2009-August/012719.html http://securitytracker.com/id?1022739 http://www.cisco.com/en/US/products/products_security_advisory09186a0080af150f.shtml

Known Exploited Vulnerability Information

Source Added Date
CISA 2022-03-25 00:00:00 UTC