← Back

CVE-2023-38283

nvd nist
Published: Aug 29, 2023Modified: Nov 21, 2024

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

In OpenBGPD before 8.1, incorrect handling of BGP update data (length of path attributes) set by a potentially distant remote actor may cause the system to incorrectly reset a session. This is fixed in OpenBSD 7.3 errata 006.

Affected (1)

Products: Openbgpd: Openbgpd
Openbgpd
1 product
Openbgpd
Configuration A
1 vulnerable · 7 platform
Vulnerable SoftwareAffected Versions
Openbgpd
Before 8.1
Running on/withPlatform Versions
Openbsd
Openbsd
Before 7.3
Openbsd
Openbsd
Version 7.3
Openbsd
Openbsd
Version 7.3 errata_001
Openbsd
Openbsd
Version 7.3 errata_002
Openbsd
Openbsd
Version 7.3 errata_003
Openbsd
Openbsd
Version 7.3 errata_004
Openbsd
Openbsd
Version 7.3 errata_005

Related CWEs

CWE-754
Improper Check for Unusual or Exceptional Conditions
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (10)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Release Notes
Source: cve@mitre.org
Mailing List
Source: cve@mitre.org
Release Notes
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Release Notes
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Release Notes

Timeline

No history available yet.