← Back

CVE-2009-2055

nvd nist
Published: Aug 19, 2009Modified: Apr 22, 2026CISA KEV

JSON object

Loading...
5.9
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 2.2 / Impact: 3.6
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.

Affected (19)

Products: Cisco: Ios Xr
1 product
Ios Xr
Configuration A
19 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Version 3.4.0
Version 3.4.1
Version 3.4.2
Version 3.4.3
Version 3.4
Version 3.5.2
Version 3.5.3
Version 3.5.4
Version 3.5
Version 3.6.0
Version 3.6.1
Version 3.6.2
Version 3.6.3
Version 3.7.0
Version 3.7.1
Version 3.7.2
Version 3.7.3
Version 3.8.0
Version 3.8.1

References (7)

Source: psirt@cisco.com
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource

Timeline

No history available yet.