Detections
Analytics

Cisco IOS XR Software BGP EVPN DoS (cisco-sa-20200122-ios-xr-evpn)

high Nessus Plugin ID 133409

Language:

Synopsis

The remote device is missing a vendor-supplied security patch

Description

According to its self-reported version, Cisco IOS XR Software is affected by multiple denial of service (DoS) vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality. These are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An unauthenticated, remote attacker can exploit these, by sending BGP EVPN update messages with malformed attributes to be processed by an affected system.
A successful exploit allows the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition.

To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.

Please see the included Cisco BIDs and Cisco Security Advisory for more information

Solution

Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCvr74413, CSCvr74986, CSCvr80793, CSCvr83742, CSCvr84254.

See Also

http://www.nessus.org/u?9ecf9b5c

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvr74413

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvr74986

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvr80793

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvr83742

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvr84254

Plugin Details

Severity: High

ID: 133409

File Name: cisco-sa-20200122-ios-xr-evpn.nasl

Version: 1.16

Type: combined

Family: CISCO

Published: 1/31/2020

Updated: 5/18/2022

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2019-16023

CVSS v3

Risk Factor: High

Base Score: 8.6

Temporal Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2019-16022

Vulnerability Information

CPE: cpe:/o:cisco:ios_xr

Required KB Items: Host/Cisco/IOS-XR/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 1/22/2020

Vulnerability Publication Date: 1/22/2020

Reference Information

CVE: CVE-2019-16019, CVE-2019-16020, CVE-2019-16021, CVE-2019-16022, CVE-2019-16023