CVE-2012-4617

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 15.2 Cisco IOS XE versions 3.5.xS through 3.5.2S Cisco IOS XR versions 4.1.0 through 4.2.2

Description The vulnerability can be triggered when the router receives a malformed attribute from a peer on an existing BGP session. Successful exploitation of this issue can cause all BGP sessions to reset. Repeated exploitation may result in an inability to route packets to BGP neighbors during reconvergence times.

Recommendations For Cisco IOS version 15.2, update to a fixed version to address the vulnerability. For Cisco IOS XE versions 3.5.xS through 3.5.2S, update to version 3.5.2S or later to address the vulnerability. For Cisco IOS XR versions 4.1.0 through 4.2.2, update to a version later than 4.2.2 to address the vulnerability. As a temporary workaround, consider restricting the BGP session to trusted peers until a patch is available.