MidnightBSD

Advisories for ipinfusion

CVE-2018-17539 MEDIUM

The BGP daemon (bgpd) in all IP Infusion ZebOS versions to 7.10.6 and all OcNOS versions to 1.3.3.145 allow remote attackers to cause a denial of service attack via an autonomous system (AS) path containing 8 or more autonomous system number (ASN) elements.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f5 big-ip_local_traffic_manager 14.0.0
f5 big-ip_local_traffic_manager *
ipinfusion zebos *
ipinfusion ocnos *
CVE-2023-45886

The BGP daemon (bgpd) in IP Infusion ZebOS through 7.10.6 allow remote attackers to cause a denial of service by sending crafted BGP update messages containing a malformed attribute.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
f5 big-ip_global_traffic_manager *
f5 big-ip_next_cloud-native_network_functions *
f5 big-ip_next_service_proxy_for_kubernetes *
f5 big-ip_local_traffic_manager *
ipinfusion zebos *
f5 big-ip_next 20.0.1