CVE-2023-38283

Published Aug 29, 2023

Last updated a year ago

CVSS medium 5.3

Overview

Description: In OpenBGPD before 8.1, incorrect handling of BGP update data (length of path attributes) set by a potentially distant remote actor may cause the system to incorrectly reset a session. This is fixed in OpenBSD 7.3 errata 006.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.3
Impact score: 1.4
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-754

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:openbgpd:openbgpd:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E100F828-9002-4B76-902C-49345579AAA7",
            "versionEndExcluding": "8.1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "131B4208-6843-40D3-8818-159D1204BD0E",
            "versionEndExcluding": "7.3"
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.3:-:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7BAA0C9B-7CEA-4647-809F-027EB34C142E"
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_001:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B3CC37B8-46C0-407B-8DE4-2B5BC36BA969"
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_002:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D53FE3CA-1A90-4783-8AC2-C0B4CF6F052D"
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_003:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9C32DD2B-BBE0-4031-B105-743E4058B4A1"
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_004:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3F481F84-81C2-4E5F-BD60-4C46CD3DD603"
          },
          {
            "criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_005:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DCAE527B-1176-4759-B903-59A72245517B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References