VDB

CVE-2017-15865

CVE-2017-15865 PUBLISHED

Reported by mitre · Published November 8, 2017

bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492).

Affected Products

VendorProductVersions
n/an/an/a
n/an/an/a, n/a

Timeline

  • Nov 8, 2017 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score

References

  • x_refsource_CONFIRM
  • x_refsource_CONFIRM
  • x_refsource_CONFIRM
  • 101794 vdb-entryx_refsource_BID
  • x_refsource_CONFIRM
Open in Interactive Console →
$ Console Community · 100/wk Open console ›