cvelistv5 - CVE-2010-3035

CVE-2010-3035 (GCVE-0-2010-3035)

Vulnerability from cvelistv5 – Published: 2010-08-30 20:00 – Updated: 2025-10-22 00:05

CISA

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securitytracker.com/id?1024371	vdb-entryx_refsource_SECTRACK
	http://www.cisco.com/en/US/products/products_secu…	vendor-advisoryx_refsource_CISCO
	http://mailman.nanog.org/pipermail/nanog/2010-Aug…	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/41190	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/2227	vdb-entryx_refsource_VUPEN
	http://osvdb.org/67696	vdb-entryx_refsource_OSVDB

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2022-03-25

Due date: 2022-04-15

Required action: Apply updates per vendor instructions.

Used in ransomware: Unknown

Notes: https://nvd.nist.gov/vuln/detail/CVE-2010-3035

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:55:46.474Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ciscoiosxr-bgp-packet-dos(61443)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61443"
          },
          {
            "name": "1024371",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024371"
          },
          {
            "name": "20100827 Cisco IOS XR Software Border Gateway Protocol Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml"
          },
          {
            "name": "[nanog] 20100827 Did your BGP crash today?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html"
          },
          {
            "name": "41190",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41190"
          },
          {
            "name": "ADV-2010-2227",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2227"
          },
          {
            "name": "67696",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/67696"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2010-3035",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T17:40:14.918410Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-03-25",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-3035"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-22T00:05:51.586Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-3035"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-03-25T00:00:00+00:00",
            "value": "CVE-2010-3035 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-08-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "ciscoiosxr-bgp-packet-dos(61443)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61443"
        },
        {
          "name": "1024371",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024371"
        },
        {
          "name": "20100827 Cisco IOS XR Software Border Gateway Protocol Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml"
        },
        {
          "name": "[nanog] 20100827 Did your BGP crash today?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html"
        },
        {
          "name": "41190",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41190"
        },
        {
          "name": "ADV-2010-2227",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2227"
        },
        {
          "name": "67696",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/67696"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2010-3035",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ciscoiosxr-bgp-packet-dos(61443)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61443"
            },
            {
              "name": "1024371",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1024371"
            },
            {
              "name": "20100827 Cisco IOS XR Software Border Gateway Protocol Vulnerability",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml"
            },
            {
              "name": "[nanog] 20100827 Did your BGP crash today?",
              "refsource": "MLIST",
              "url": "http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html"
            },
            {
              "name": "41190",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/41190"
            },
            {
              "name": "ADV-2010-2227",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/2227"
            },
            {
              "name": "67696",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/67696"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2010-3035",
    "datePublished": "2010-08-30T20:00:00.000Z",
    "dateReserved": "2010-08-17T00:00:00.000Z",
    "dateUpdated": "2025-10-22T00:05:51.586Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2010-3035",
      "cwes": "[\"CWE-20\"]",
      "dateAdded": "2022-03-25",
      "dueDate": "2022-04-15",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-3035",
      "product": "IOS XR",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).",
      "vendorProject": "Cisco",
      "vulnerabilityName": "Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-04-15",
      "cisaExploitAdd": "2022-03-25",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.4.0\", \"versionEndIncluding\": \"3.9.1\", \"matchCriteriaId\": \"14636B6F-0D6A-4B1F-9F7E-C5A7445A5CFC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.\"}, {\"lang\": \"es\", \"value\": \"Cisco IOS XR v3.4.0 hasta la versi\\u00f3n v3.9.1, si BGP est\\u00e1 activado, no maneja apropiadamente los atributos transitivos no reconocidos, lo que permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (\\\"peering reset\\\" o reinicio del hom\\u00f3logo) a trav\\u00e9s de un mensaje de anuncio de prefijos modificado, como se ha demostrado en la realidad en agosto del 2010 con el c\\u00f3digo de tipo de atributo 99. Tambi\\u00e9n conocido como Bug ID CSCti62211.\"}]",
      "id": "CVE-2010-3035",
      "lastModified": "2024-12-19T20:09:31.583",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2010-08-30T21:00:12.203",
      "references": "[{\"url\": \"http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://osvdb.org/67696\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/41190\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id?1024371\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/2227\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/61443\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"VDB Entry\", \"Vendor Advisory\"]}, {\"url\": \"http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://osvdb.org/67696\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/41190\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id?1024371\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/2227\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/61443\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"VDB Entry\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-3035\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2010-08-30T21:00:12.203\",\"lastModified\":\"2025-10-22T01:15:37.630\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.\"},{\"lang\":\"es\",\"value\":\"Cisco IOS XR v3.4.0 hasta la versi\u00f3n v3.9.1, si BGP est\u00e1 activado, no maneja apropiadamente los atributos transitivos no reconocidos, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (\\\"peering reset\\\" o reinicio del hom\u00f3logo) a trav\u00e9s de un mensaje de anuncio de prefijos modificado, como se ha demostrado en la realidad en agosto del 2010 con el c\u00f3digo de tipo de atributo 99. Tambi\u00e9n conocido como Bug ID CSCti62211.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-03-25\",\"cisaActionDue\":\"2022-04-15\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.4.0\",\"versionEndIncluding\":\"3.9.1\",\"matchCriteriaId\":\"14636B6F-0D6A-4B1F-9F7E-C5A7445A5CFC\"}]}]}],\"references\":[{\"url\":\"http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://osvdb.org/67696\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/41190\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id?1024371\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/2227\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/61443\",\"source\":\"psirt@cisco.com\",\"tags\":[\"VDB Entry\",\"Vendor Advisory\"]},{\"url\":\"http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://osvdb.org/67696\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/41190\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id?1024371\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/2227\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/61443\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"VDB Entry\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-3035\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"product\": \"n/a\", \"vendor\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2010-08-27T00:00:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.\"}], \"problemTypes\": [{\"descriptions\": [{\"description\": \"n/a\", \"lang\": \"en\", \"type\": \"text\"}]}], \"providerMetadata\": {\"dateUpdated\": \"2017-08-16T14:57:01.000Z\", \"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\"}, \"references\": [{\"name\": \"ciscoiosxr-bgp-packet-dos(61443)\", \"tags\": [\"vdb-entry\", \"x_refsource_XF\"], \"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/61443\"}, {\"name\": \"1024371\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"], \"url\": \"http://www.securitytracker.com/id?1024371\"}, {\"name\": \"20100827 Cisco IOS XR Software Border Gateway Protocol Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"], \"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml\"}, {\"name\": \"[nanog] 20100827 Did your BGP crash today?\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html\"}, {\"name\": \"41190\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"], \"url\": \"http://secunia.com/advisories/41190\"}, {\"name\": \"ADV-2010-2227\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"], \"url\": \"http://www.vupen.com/english/advisories/2010/2227\"}, {\"name\": \"67696\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\"], \"url\": \"http://osvdb.org/67696\"}], \"x_legacyV4Record\": {\"CVE_data_meta\": {\"ASSIGNER\": \"psirt@cisco.com\", \"ID\": \"CVE-2010-3035\", \"STATE\": \"PUBLIC\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"product_name\": \"n/a\", \"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}}]}, \"vendor_name\": \"n/a\"}]}}, \"data_format\": \"MITRE\", \"data_type\": \"CVE\", \"data_version\": \"4.0\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"references\": {\"reference_data\": [{\"name\": \"ciscoiosxr-bgp-packet-dos(61443)\", \"refsource\": \"XF\", \"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/61443\"}, {\"name\": \"1024371\", \"refsource\": \"SECTRACK\", \"url\": \"http://www.securitytracker.com/id?1024371\"}, {\"name\": \"20100827 Cisco IOS XR Software Border Gateway Protocol Vulnerability\", \"refsource\": \"CISCO\", \"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml\"}, {\"name\": \"[nanog] 20100827 Did your BGP crash today?\", \"refsource\": \"MLIST\", \"url\": \"http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html\"}, {\"name\": \"41190\", \"refsource\": \"SECUNIA\", \"url\": \"http://secunia.com/advisories/41190\"}, {\"name\": \"ADV-2010-2227\", \"refsource\": \"VUPEN\", \"url\": \"http://www.vupen.com/english/advisories/2010/2227\"}, {\"name\": \"67696\", \"refsource\": \"OSVDB\", \"url\": \"http://osvdb.org/67696\"}]}}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-07T02:55:46.474Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"name\": \"ciscoiosxr-bgp-packet-dos(61443)\", \"tags\": [\"vdb-entry\", \"x_refsource_XF\", \"x_transferred\"], \"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/61443\"}, {\"name\": \"1024371\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"], \"url\": \"http://www.securitytracker.com/id?1024371\"}, {\"name\": \"20100827 Cisco IOS XR Software Border Gateway Protocol Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"], \"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml\"}, {\"name\": \"[nanog] 20100827 Did your BGP crash today?\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html\"}, {\"name\": \"41190\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"], \"url\": \"http://secunia.com/advisories/41190\"}, {\"name\": \"ADV-2010-2227\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"], \"url\": \"http://www.vupen.com/english/advisories/2010/2227\"}, {\"name\": \"67696\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\", \"x_transferred\"], \"url\": \"http://osvdb.org/67696\"}]}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2010-3035\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-08T17:40:14.918410Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-03-25\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-3035\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-08T16:07:24.860Z\"}, \"timeline\": [{\"time\": \"2022-03-25T00:00:00+00:00\", \"lang\": \"en\", \"value\": \"CVE-2010-3035 added to CISA KEV\"}], \"title\": \"CISA ADP Vulnrichment\"}]}",
      "cveMetadata": "{\"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"assignerShortName\": \"cisco\", \"cveId\": \"CVE-2010-3035\", \"datePublished\": \"2010-08-30T20:00:00.000Z\", \"dateReserved\": \"2010-08-17T00:00:00.000Z\", \"dateUpdated\": \"2025-10-21T20:04:23.680Z\", \"state\": \"PUBLISHED\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTA-2010-AVI-410

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité dans Cisco IOS XR permet de réaliser un déni de service à distance.

Description

Une vulnérabilité a été découverte dans la gestion des préfixes BGP par Cisco IOS XR. Un appareil utilisant Cisco IOS XR, qui reçoit un préfixe BGP avec un attribut transitif spécifique, va corrompre cet attribut avant de le réémettre à ses voisins. Les voisins peuvent alors réinitialiser la session BGP.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Tous les matériels avec le logiciel Cisco IOS XR configuré pour le routage BGP.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco 20100827-bgp du 29 août 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eTous les mat\u00e9riels avec le logiciel \u003cSPAN class=\"textit\"\u003eCisco  IOS XR\u003c/SPAN\u003e configur\u00e9 pour le routage \u003cTT\u003eBGP\u003c/TT\u003e.\u003c/P\u003e",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans la gestion des pr\u00e9fixes BGP par\nCisco IOS XR. Un appareil utilisant Cisco IOS XR, qui re\u00e7oit un pr\u00e9fixe\nBGP avec un attribut transitif sp\u00e9cifique, va corrompre cet attribut\navant de le r\u00e9\u00e9mettre \u00e0 ses voisins. Les voisins peuvent alors\nr\u00e9initialiser la session BGP.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-3035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3035"
    }
  ],
  "links": [],
  "reference": "CERTA-2010-AVI-410",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-08-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans \u003cspan class=\"textit\"\u003eCisco IOS XR\u003c/span\u003e permet\nde r\u00e9aliser un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Cisco IOS XR",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco 20100827-bgp du 29 ao\u00fbt 2010",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml"
    }
  ]
}

CERTA-2010-AVI-410

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité dans Cisco IOS XR permet de réaliser un déni de service à distance.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Tous les matériels avec le logiciel Cisco IOS XR configuré pour le routage BGP.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco 20100827-bgp du 29 août 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eTous les mat\u00e9riels avec le logiciel \u003cSPAN class=\"textit\"\u003eCisco  IOS XR\u003c/SPAN\u003e configur\u00e9 pour le routage \u003cTT\u003eBGP\u003c/TT\u003e.\u003c/P\u003e",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans la gestion des pr\u00e9fixes BGP par\nCisco IOS XR. Un appareil utilisant Cisco IOS XR, qui re\u00e7oit un pr\u00e9fixe\nBGP avec un attribut transitif sp\u00e9cifique, va corrompre cet attribut\navant de le r\u00e9\u00e9mettre \u00e0 ses voisins. Les voisins peuvent alors\nr\u00e9initialiser la session BGP.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-3035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3035"
    }
  ],
  "links": [],
  "reference": "CERTA-2010-AVI-410",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-08-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans \u003cspan class=\"textit\"\u003eCisco IOS XR\u003c/span\u003e permet\nde r\u00e9aliser un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Cisco IOS XR",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco 20100827-bgp du 29 ao\u00fbt 2010",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml"
    }
  ]
}

GSD-2010-3035

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-3035

Aliases

CVE-2010-3035

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-3035",
    "description": "Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.",
    "id": "GSD-2010-3035"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-3035"
      ],
      "details": "Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.",
      "id": "GSD-2010-3035",
      "modified": "2023-12-13T01:21:33.800503Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2010-3035",
      "dateAdded": "2022-03-25",
      "dueDate": "2022-04-15",
      "product": "IOS XR",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service.",
      "vendorProject": "Cisco",
      "vulnerabilityName": "Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2010-3035",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ciscoiosxr-bgp-packet-dos(61443)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61443"
          },
          {
            "name": "1024371",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1024371"
          },
          {
            "name": "20100827 Cisco IOS XR Software Border Gateway Protocol Vulnerability",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml"
          },
          {
            "name": "[nanog] 20100827 Did your BGP crash today?",
            "refsource": "MLIST",
            "url": "http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html"
          },
          {
            "name": "41190",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/41190"
          },
          {
            "name": "ADV-2010-2227",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2010/2227"
          },
          {
            "name": "67696",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/67696"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.8.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.8.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2010-3035"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20100827 Cisco IOS XR Software Border Gateway Protocol Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml"
            },
            {
              "name": "[nanog] 20100827 Did your BGP crash today?",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html"
            },
            {
              "name": "ADV-2010-2227",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2010/2227"
            },
            {
              "name": "1024371",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1024371"
            },
            {
              "name": "41190",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/41190"
            },
            {
              "name": "67696",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/67696"
            },
            {
              "name": "ciscoiosxr-bgp-packet-dos(61443)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61443"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-17T01:32Z",
      "publishedDate": "2010-08-30T21:00Z"
    }
  }
}

GHSA-9Q29-G37M-5WMP

Vulnerability from github – Published: 2022-05-17 02:05 – Updated: 2025-10-22 03:30

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-3035"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-08-30T21:00:00Z",
    "severity": "MODERATE"
  },
  "details": "Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.",
  "id": "GHSA-9q29-g37m-5wmp",
  "modified": "2025-10-22T03:30:28Z",
  "published": "2022-05-17T02:05:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3035"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61443"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-3035"
    },
    {
      "type": "WEB",
      "url": "http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/67696"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/41190"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1024371"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/2227"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

VAR-201008-0340

Vulnerability from variot - Updated: 2023-12-18 13:49

Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211. Cisco IOS XR is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the affected device to restart, denying service to legitimate users. This issue is tracked by Cisco Bug ID CSCti62211. A remote attacker can cause a denial of service (peer reset) with the help of a specially crafted prefix advertisement. ----------------------------------------------------------------------

List of products vulnerable to insecure library loading vulnerabilities: http://secunia.com/_%22insecure%20library%20loading%22

The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected.

TITLE: Cisco IOS XR Border Gateway Protocol Denial of Service Vulnerability

SECUNIA ADVISORY ID: SA41190

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41190/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41190

RELEASE DATE: 2010-08-31

DISCUSS ADVISORY: http://secunia.com/advisories/41190/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/41190/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=41190

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: A vulnerability has been reported in Cisco IOS XR, which can be exploited by malicious people to cause a DoS (Denial of Service).

SOLUTION: Reported by the vendor.

PROVIDED AND/OR DISCOVERED BY: Apply updates (please see the vendor's advisory for details).

ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201008-0340",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.8.1"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.7.3"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.7.2"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.7.1"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.6.3"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.6.2"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.6.1"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.6.0"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.8.0"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.7.0"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "3.9.1"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "3.8.4"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "3.8.3"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "3.8.2"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "3.5.4"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "3.5.3"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "3.5.2"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "3.4.3"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "3.4.2"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "3.4.1"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.9.0"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.4.0"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.4.0 to  3.9.1"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.9"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.8"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.7"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.6"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.4"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "42821"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-004263"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-3035"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201008-377"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.8.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.8.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:3.9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-3035"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "42821"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201008-377"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2010-3035",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2010-3035",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-45640",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2010-3035",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201008-377",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-45640",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2010-3035",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-45640"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-3035"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-004263"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-3035"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201008-377"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211. Cisco IOS XR is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause the affected device to restart, denying service to legitimate users. \nThis issue is tracked by Cisco Bug ID CSCti62211. A remote attacker can cause a denial of service (peer reset) with the help of a specially crafted prefix advertisement. ----------------------------------------------------------------------\n\n\nList of products vulnerable to insecure library loading vulnerabilities:\nhttp://secunia.com/_%22insecure%20library%20loading%22\n\nThe list is continuously updated as we confirm the vulnerability reports\nso check back regularly too see if any of your apps are affected. \n\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco IOS XR Border Gateway Protocol Denial of Service Vulnerability\n\nSECUNIA ADVISORY ID:\nSA41190\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/41190/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=41190\n\nRELEASE DATE:\n2010-08-31\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/41190/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/41190/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=41190\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Cisco IOS XR, which can be\nexploited by malicious people to cause a DoS (Denial of Service). \n\nSOLUTION:\nReported by the vendor. \n\nPROVIDED AND/OR DISCOVERED BY:\nApply updates (please see the vendor\u0027s advisory for details). \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-3035"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-004263"
      },
      {
        "db": "BID",
        "id": "42821"
      },
      {
        "db": "VULHUB",
        "id": "VHN-45640"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-3035"
      },
      {
        "db": "PACKETSTORM",
        "id": "93323"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2010-3035",
        "trust": 2.9
      },
      {
        "db": "SECUNIA",
        "id": "41190",
        "trust": 1.3
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-2227",
        "trust": 1.2
      },
      {
        "db": "OSVDB",
        "id": "67696",
        "trust": 1.2
      },
      {
        "db": "SECTRACK",
        "id": "1024371",
        "trust": 1.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-004263",
        "trust": 0.8
      },
      {
        "db": "CISCO",
        "id": "20100827 CISCO IOS XR SOFTWARE BORDER GATEWAY PROTOCOL VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "MLIST",
        "id": "[NANOG] 20100827 DID YOUR BGP CRASH TODAY?",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201008-377",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "42821",
        "trust": 0.5
      },
      {
        "db": "VULHUB",
        "id": "VHN-45640",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-3035",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "93323",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-45640"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-3035"
      },
      {
        "db": "BID",
        "id": "42821"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-004263"
      },
      {
        "db": "PACKETSTORM",
        "id": "93323"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-3035"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201008-377"
      }
    ]
  },
  "id": "VAR-201008-0340",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-45640"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:49:17.894000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20100827-bgp",
        "trust": 0.8,
        "url": "http://www.cisco.com/en/us/products/csa/cisco-sa-20100827-bgp.html"
      },
      {
        "title": "Cisco: Cisco IOS XR Software Border Gateway Protocol Vulnerability",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20100827-bgp"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/santosomar/kev_checker "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2010-3035"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-004263"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-45640"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-004263"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-3035"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b4411f.shtml"
      },
      {
        "trust": 1.8,
        "url": "http://mailman.nanog.org/pipermail/nanog/2010-august/024837.html"
      },
      {
        "trust": 1.2,
        "url": "http://osvdb.org/67696"
      },
      {
        "trust": 1.2,
        "url": "http://www.securitytracker.com/id?1024371"
      },
      {
        "trust": 1.2,
        "url": "http://secunia.com/advisories/41190"
      },
      {
        "trust": 1.2,
        "url": "http://www.vupen.com/english/advisories/2010/2227"
      },
      {
        "trust": 1.2,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61443"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3035"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3035"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/20.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.securityfocus.com/bid/42821"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20100827-bgp"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=41190"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/products/corporate/evm/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/41190/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/_%22insecure%20library%20loading%22"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/41190/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-45640"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-3035"
      },
      {
        "db": "BID",
        "id": "42821"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-004263"
      },
      {
        "db": "PACKETSTORM",
        "id": "93323"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-3035"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201008-377"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-45640"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-3035"
      },
      {
        "db": "BID",
        "id": "42821"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-004263"
      },
      {
        "db": "PACKETSTORM",
        "id": "93323"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-3035"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201008-377"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-08-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-45640"
      },
      {
        "date": "2010-08-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-3035"
      },
      {
        "date": "2010-08-27T00:00:00",
        "db": "BID",
        "id": "42821"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-004263"
      },
      {
        "date": "2010-08-31T10:27:11",
        "db": "PACKETSTORM",
        "id": "93323"
      },
      {
        "date": "2010-08-30T21:00:12.203000",
        "db": "NVD",
        "id": "CVE-2010-3035"
      },
      {
        "date": "2010-08-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201008-377"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-08-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-45640"
      },
      {
        "date": "2017-08-17T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-3035"
      },
      {
        "date": "2010-09-01T18:37:00",
        "db": "BID",
        "id": "42821"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-004263"
      },
      {
        "date": "2017-08-17T01:32:53.993000",
        "db": "NVD",
        "id": "CVE-2010-3035"
      },
      {
        "date": "2010-09-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201008-377"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201008-377"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS XR Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-004263"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201008-377"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2010-3035

Vulnerability from fkie_nvd - Published: 2010-08-30 21:00 - Updated: 2025-10-22 01:15

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
psirt@cisco.com	http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html	Mailing List
psirt@cisco.com	http://osvdb.org/67696	Broken Link
psirt@cisco.com	http://secunia.com/advisories/41190	Broken Link
psirt@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml	Broken Link, Vendor Advisory
psirt@cisco.com	http://www.securitytracker.com/id?1024371	Broken Link, Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.vupen.com/english/advisories/2010/2227	Broken Link
psirt@cisco.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/61443	VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/67696	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/41190	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1024371	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/2227	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/61443	VDB Entry, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-3035

Impacted products

	Vendor	Product	Version
	cisco	ios_xr	*

JSON

To clipboard

{
  "cisaActionDue": "2022-04-15",
  "cisaExploitAdd": "2022-03-25",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "14636B6F-0D6A-4B1F-9F7E-C5A7445A5CFC",
              "versionEndIncluding": "3.9.1",
              "versionStartIncluding": "3.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211."
    },
    {
      "lang": "es",
      "value": "Cisco IOS XR v3.4.0 hasta la versi\u00f3n v3.9.1, si BGP est\u00e1 activado, no maneja apropiadamente los atributos transitivos no reconocidos, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (\"peering reset\" o reinicio del hom\u00f3logo) a trav\u00e9s de un mensaje de anuncio de prefijos modificado, como se ha demostrado en la realidad en agosto del 2010 con el c\u00f3digo de tipo de atributo 99. Tambi\u00e9n conocido como Bug ID CSCti62211."
    }
  ],
  "id": "CVE-2010-3035",
  "lastModified": "2025-10-22T01:15:37.630",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2010-08-30T21:00:12.203",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/67696"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/41190"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1024371"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/2227"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61443"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://mailman.nanog.org/pipermail/nanog/2010-August/024837.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/67696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/41190"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1024371"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/2227"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61443"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-3035"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-3035 (GCVE-0-2010-3035)

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

CERTA-2010-AVI-410

Description

Solution

CERTA-2010-AVI-410

Description

Solution

GSD-2010-3035

GHSA-9Q29-G37M-5WMP

VAR-201008-0340

FKIE_CVE-2010-3035

Tags

Sightings

Nomenclature