CVE-2023-45886

Published Nov 21, 2023

Last updated a year ago

CVSS high 7.5

Overview

Description: The BGP daemon (bgpd) in IP Infusion ZebOS through 7.10.6 allow remote attackers to cause a denial of service by sending crafted BGP update messages containing a malformed attribute.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "969C4F14-F6D6-46D6-B348-FC1463877680"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41AD5040-1250-45F5-AB63-63F333D49BCC",
            "versionEndIncluding": "1.8.2",
            "versionStartIncluding": "1.5.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_next_cloud-native_network_functions:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79F284A9-C17F-4230-B1B9-2F5F96784ABB",
            "versionEndIncluding": "1.1.1",
            "versionStartIncluding": "1.1.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0360F76D-E75E-4B05-A294-B47012323ED9",
            "versionEndIncluding": "13.1.5",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A4607BF-41AC-4E84-A110-74E085FF0445",
            "versionEndIncluding": "14.1.5",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "441CC945-7CA3-49C0-AE10-94725301E31D",
            "versionEndIncluding": "15.1.10",
            "versionStartIncluding": "15.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46BA8E8A-6ED5-4FB2-8BBC-586AA031085A",
            "versionEndIncluding": "16.1.4",
            "versionStartIncluding": "16.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "820076A8-F163-4471-8B1E-5290BD1D6D93",
            "versionEndIncluding": "17.1.1",
            "versionStartIncluding": "17.1.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6018B01-048C-43BB-A78D-66910ED60CA9",
            "versionEndIncluding": "13.1.5",
            "versionStartIncluding": "13.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A6A5686-5A8B-45D5-9165-BC99D2CCAC47",
            "versionEndIncluding": "14.1.5",
            "versionStartIncluding": "14.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D2A121F-5BD2-4263-8ED3-1DDE25B5C306",
            "versionEndIncluding": "15.1.10",
            "versionStartIncluding": "15.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A4F7BAD-3EDD-4DE0-AAB7-DE5ACA34DD79",
            "versionEndIncluding": "16.1.4",
            "versionStartIncluding": "16.1.0"
          },
          {
            "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF43CD3A-2C94-4663-B5D5-0327FD3E1F3D",
            "versionEndIncluding": "17.1.1",
            "versionStartIncluding": "17.1.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ipinfusion:zebos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C3498D8-B387-4E26-AF1D-80D43DDC5E47",
            "versionEndIncluding": "7.10.6"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References