CVE-2023-47235

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 3, 2023
Updated: Nov 14, 2023

Summary

CVE-2023-47235 is a vulnerability in FRRouting FRR through version 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR (End-of-RIB) is processed, because the presence of EOR does not result in a treat-as-withdraw outcome. This vulnerability affects multiple products. The risk score for this vulnerability is 27, indicating a high level of risk. The potential danger to an organization is also high: an attacker exploiting this vulnerability could cause denial of service by crashing the affected system. To remediate this issue, update the FRRouting software to version 9.0.2 or later, which includes a fix for this vulnerability.
