CVE-2019-16023
Summary
| CVE | CVE-2019-16023 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-09-23 01:15:00 UTC |
| Updated | 2021-11-02 19:17:00 UTC |
| Description | Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Cisco | ASR 9000 | - | All | All | All |
| Hardware | Cisco | ASR 9010 | - | All | All | All |
| Hardware | Cisco | ASR 9904 | - | All | All | All |
| Hardware | Cisco | ASR 9910 | - | All | All | All |
| Hardware | Cisco | ASR 9912 | - | All | All | All |
| Hardware | Cisco | ASR 9922 | - | All | All | All |
| Hardware | Cisco | Carrier Routing System | - | All | All | All |
| Operating System | Cisco | IOS XR | 6.6.1 | All | All | All |
| Operating System | Cisco | IOS XR | 6.6.2 | All | All | All |
| Operating System | Cisco | IOS XR | 6.6.25 | All | All | All |
| Operating System | Cisco | IOS XR | 7.0.1 | All | All | All |
| Hardware | Cisco | IOS XRv 9000 | - | All | All | All |
| Hardware | Cisco | NCS 1001 | - | All | All | All |
| Hardware | Cisco | NCS 1002 | - | All | All | All |
| Hardware | Cisco | NCS 1004 | - | All | All | All |
| Hardware | Cisco | NCS 5001 | - | All | All | All |
| Hardware | Cisco | NCS 5002 | - | All | All | All |
| Hardware | Cisco | NCS 5011 | - | All | All | All |
| Hardware | Cisco | NCS 540 | - | All | All | All |
| Hardware | Cisco | NCS 540L | - | All | All | All |
| Hardware | Cisco | NCS 5500 | - | All | All | All |
| Hardware | Cisco | NCS 560 | - | All | All | All |
| Hardware | Cisco | NCS 6000 | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities | CISCO | tools.cisco.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.