CyberSec.Space Logo
返回 CVE 浏览器

CVE-2009-2055

Known Exploited (CISA KEV)MEDIUM
5.9
CVSS Severity Score
EPSS Score39.6470%
EPSS Percentile94.27th
Published2009年8月19日
Last Modified2026年4月22日

Vulnerability Description

Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.

Affected Platforms (CPE)

💻
Cisco

Ios Xr

= 3.4
💻
Cisco

Ios Xr

= 3.4.0
💻
Cisco

Ios Xr

= 3.4.1
💻
Cisco

Ios Xr

= 3.4.2
💻
Cisco

Ios Xr

= 3.4.3
💻
Cisco

Ios Xr

= 3.5
💻
Cisco

Ios Xr

= 3.5.2
💻
Cisco

Ios Xr

= 3.5.3
💻
Cisco

Ios Xr

= 3.5.4
💻
Cisco

Ios Xr

= 3.6.0
💻
Cisco

Ios Xr

= 3.6.1
💻
Cisco

Ios Xr

= 3.6.2
💻
Cisco

Ios Xr

= 3.6.3
💻
Cisco

Ios Xr

= 3.7.0
💻
Cisco

Ios Xr

= 3.7.1
💻
Cisco

Ios Xr

= 3.7.2
💻
Cisco

Ios Xr

= 3.7.3
💻
Cisco

Ios Xr

= 3.8.0
💻
Cisco

Ios Xr

= 3.8.1

References & Advisories

🔗 http://mailman.nanog.org/pipermail/nanog/2009-August/012719.html
🔗 http://securitytracker.com/id?1022739
🔗 http://www.cisco.com/en/US/products/products_security_advisory09186a0080af150f.shtml
🔗 http://mailman.nanog.org/pipermail/nanog/2009-August/012719.html
🔗 http://securitytracker.com/id?1022739
🔗 http://www.cisco.com/en/US/products/products_security_advisory09186a0080af150f.shtml
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-2055

相关漏洞威胁

CVE-2019-1264310.0

A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote a...

CVE-2018-431010.0

An access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10....

CVE-2019-623510.0

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12...

CVE-2019-1106310.0

A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an...