CVE-2023-40457
Published Nov 11, 2024
Last updated 5 days ago
Overview
- Description
- The BGP daemon in Extreme Networks ExtremeXOS (aka EXOS) 30.7.1.1 allows an attacker (who is not on a directly connected network) to cause a denial of service (BGP session reset) because of BGP attribute error mishandling (for attribute 21 and 25). NOTE: the vendor disputes this because it is "evaluating support for RFC 7606 as a future feature" and believes that "customers that have chosen to not require or implement RFC 7606 have done so willingly and with knowledge of what is needed to defend against these types of attacks."
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
- CNA Tags
- disputed
Weaknesses
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-209
Social media
- Hype score
- Not currently trending
CVE-2023-40457 Denial of Service via BGP Attribute Error in ExtremeXOS Extreme Networks ExtremeXOS (EXOS) 30.7.1.1 has a problem in its BGP daemon. This issue lets an attacker, who isn’t on a directly connected n... https://t.co/UGyzjzJqJC
@VulmonFeeds
11 Nov 2024
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2023-40457 The BGP daemon in Extreme Networks ExtremeXOS (aka EXOS) 30.7.1.1 allows an attacker (who is not on a directly connected network) to cause a denial of service (BGP se… https://t.co/M4dq8VXjMP
@CVEnew
11 Nov 2024
610 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes