CVE-2019-15989
Description
A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim’s BGP network on an existing, valid TCP connection to a BGP peer.
Risk Information
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability For Cisco Carrier Routing System | NCM |
| Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability For Cisco ASR 9000 Series Aggregation Services Routers | NCM |
| Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability For Cisco Network Convergence System 6000 Series Routers | NCM |
| Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability For Cisco IOS XRv 9000 Router | NCM |
| Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability For Cisco Network Convergence System 5000 Series | NCM |
| Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability For Cisco Network Convergence System 5500 Series | NCM |
| Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability For Cisco Network Convergence System 1000 Series | NCM |
| Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability For Cisco Network Convergence System 500 Series Routers | NCM |
| Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability For Cisco 8000 Series Routers | NCM |
| Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2019-15989) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1705675 | Security Update for Cisco Carrier Routing System 5.3.1 |
| PATCH-1705564 | Security Update for Cisco ASR 9000 Series Aggregation Services Routers 5.3.0.1i.BASE |
| PATCH-1705630 | Security Update for Cisco Network Convergence System 6000 Series Routers 6.1.4 |
| PATCH-1705219 | Security Update for Cisco IOS XRv 9000 Router 7.1.2.1i.BASE |
| PATCH-1706021 | Security Update for Cisco Network Convergence System 5000 Series 6.2.1.21i.BASE |
| PATCH-1705220 | Security Update for Cisco Network Convergence System 5500 Series 7.1.2.1i.BASE |
| PATCH-1705124 | Security Update for Cisco Network Convergence System 1000 Series 7.2.1.9i.ROUT |
| PATCH-1705229 | Security Update for Cisco Network Convergence System 500 Series Routers 7.2.1.21i.BASE |
| PATCH-1705230 | Security Update for Cisco 8000 Series Routers 7.2.1.21i.BASE |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234