FRR Dynamic Routing Denial of Service Vulenrabilities
Advisory ID
WGSA-2023-00010
CVE
CVE-2023-38802, CVE-2023-41358
Impact
High
Status
Acknowledged
Product Family
Firebox
Published Date
Updated Date
Workaround Available
True
CVSS Score
7.5
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
BGP software such as FRRRouting FRR and Quagga included as part of Fireware OS enable a remote attacker to incorrectly reset network sessions through an invalid BGP update. This vulnerability is only applicable to Firebox appliances with BGP routing features enabled.
Affected
| Product Version | Affected Version(s) | Note |
|---|---|---|
| Firebox | Fireware OS 12.2.1 up to and including 12.10 | The version of FRR (previously Quagga) used in Fireware OS 12.2.1 through 12.10 is vulnerable |
Resolution
Fireware OS 12.10.1
Workaround
No workaround available
References
Advisory Product List
| Product Family | Product Branch | Product List |
|---|---|---|
Firebox
|
Fireware OS 12.x | T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV |
Firebox
|
Fireware OS 12.5.x | T15, T35 |