CVE-2023-41376
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2023-41376 is a vulnerability affecting Nokia Service Router Operating System (SR OS) 22.10 and SR Linux. If error-handling update-fault-tolerance is not enabled, these systems mishandle BGP (Border Gateway Protocol) path attributes, potentially leading to denial-of-service (DoS) attacks or unauthorized routing of traffic. An attacker could exploit this weakness by sending malicious BGP messages to manipulate the router's routing table, resulting in misrouted traffic or network interruptions. To mitigate this risk, Nokia recommends enabling error-handling update-fault-tolerance.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Nokia