Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
osrg GoBGP BGP Header bgp.go BGPHeader.DecodeFromBytes access control
Vulnerability Description
A security vulnerability has been detected in osrg GoBGP up to 4.3.0. Affected is the function BGPHeader.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP Header Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. The attack is considered to have high complexity. The exploitability is told to be difficult. The identifier of the patch is f0f24a2a901cbf159260698211ab15c583ced131. To fix this issue, it is recommended to deploy a patch.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
GoBGP 访问控制错误漏洞
Vulnerability Description
GoBGP是osrg开源的一种开源的边界网关协议(BGP)实现。 GoBGP 4.3.0及之前版本存在访问控制错误漏洞,该漏洞源于对文件pkg/packet/bgp/bgp.go中函数BGPHeader.DecodeFromBytes的错误操作,可能导致访问控制不当。
CVSS Information
N/A
Vulnerability Type
N/A