CVE-2023-41376

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 29, 2023
Updated: Sep 5, 2023

Summary

CVE-2023-41376 is a vulnerability affecting Nokia Service Router Operating System (SR OS) 22.10 and SR Linux. If error-handling update-fault-tolerance is not enabled, these systems mishandle BGP (Border Gateway Protocol) path attributes, potentially leading to denial-of-service (DoS) attacks or unauthorized routing of traffic. An attacker could exploit this weakness by sending malicious BGP messages to manipulate the router's routing table, resulting in misrouted traffic or network interruptions. To mitigate this risk, Nokia recommends enabling error-handling update-fault-tolerance.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share