FRRouting FRR EVPN Type-2 Route bgp_evpn.c process_type2_route access control

A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is reported as difficult. The identifier of the patch is 7676cad65114aa23adde583d91d9d29e2debd045. To fix this issue, it is recommended to deploy a patch.

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L

访问控制不恰当

FRRouting 访问控制错误漏洞

FRRouting是FRRouting开源的一种在类 Unix 平台上运行的网络路由软件套件。 FRRouting 10.5.1及之前版本存在访问控制错误漏洞，该漏洞源于对文件bgpd/bgp_evpn.c中函数process_type2_route的错误操作，可能导致访问控制不当。

N/A

N/A