PT-2019-2654 · Cisco · Cisco IOS XR

Published: 2019-07-03 · Updated: 2019-10-09 · CVE-2019-1909

CVSS v3.1: 6.8 (Medium)

Vector: AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cisco IOS XR Software (affected versions not specified)

Description

The issue is due to incorrect processing of certain BGP update messages, which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. An attacker could exploit this by sending BGP update messages that include a specific set of attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition.

The Cisco implementation of BGP accepts incoming BGP traffic from explicitly defined peers only, so the malicious BGP update message would need to come from a configured, valid BGP peer or be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.

Recommendations

To resolve the issue, apply the software updates released by Cisco that address this vulnerability. At the moment, there is no additional information about other versions that may contain a fix for this vulnerability.

Fix

DoS

RCE

Weakness Enumeration

Related Identifiers

BDU:2019-02540
BDU:2020-00308
CVE-2019-1909

Affected Products

Cisco IOS XR