What is the severity of CVE-2009-2055?

CVE-2009-2055 is classified as a denial-of-service vulnerability that can significantly disrupt network services.

How does CVE-2009-2055 exploit Cisco IOS XR?

CVE-2009-2055 exploits the processing of BGP UPDATE messages with invalid attributes, causing affected devices to reset sessions.

What versions of Cisco IOS XR are affected by CVE-2009-2055?

CVE-2009-2055 affects Cisco IOS XR versions from 3.4.0 to 3.8.1.

How can I protect my network from CVE-2009-2055?

To protect against CVE-2009-2055, it is recommended to upgrade to a patched version of Cisco IOS XR beyond 3.8.1.

Is there a known workaround for CVE-2009-2055?

While upgrading is the best solution, using access control lists to filter malicious BGP UPDATE messages can serve as a temporary workaround for CVE-2009-2055.

Vulnerability/
CVE-2009-2055

Exploited

medium

4.3

CWE

19/8/2009

6/1/2025

CVE-2009-2055: Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability

First published: Wed Aug 19 2009(Updated: )

Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.

Credit: ykramarz@cisco.com ykramarz@cisco.com psirt@cisco.com

Affected Software	Affected Version	How to fix
Cisco IOS XRv 9000
Cisco IOS XRv 9000	=3.4
Cisco IOS XRv 9000	=3.4.0
Cisco IOS XRv 9000	=3.4.1
Cisco IOS XRv 9000	=3.4.2
Cisco IOS XRv 9000	=3.4.3
Cisco IOS XRv 9000	=3.5
Cisco IOS XRv 9000	=3.5.2
Cisco IOS XRv 9000	=3.5.3
Cisco IOS XRv 9000	=3.5.4
Cisco IOS XRv 9000	=3.6.0
Cisco IOS XRv 9000	=3.6.1
Cisco IOS XRv 9000	=3.6.2
Cisco IOS XRv 9000	=3.6.3
Cisco IOS XRv 9000	=3.7.0
Cisco IOS XRv 9000	=3.7.1
Cisco IOS XRv 9000	=3.7.2
Cisco IOS XRv 9000	=3.7.3
Cisco IOS XRv 9000	=3.8.0
Cisco IOS XRv 9000	=3.8.1

Remedy

http://www.cisco.com/en/US/products/products_security_advisory09186a0080af150f.shtml

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-2055?
CVE-2009-2055 is classified as a denial-of-service vulnerability that can significantly disrupt network services.
How does CVE-2009-2055 exploit Cisco IOS XR?
CVE-2009-2055 exploits the processing of BGP UPDATE messages with invalid attributes, causing affected devices to reset sessions.
What versions of Cisco IOS XR are affected by CVE-2009-2055?
CVE-2009-2055 affects Cisco IOS XR versions from 3.4.0 to 3.8.1.
How can I protect my network from CVE-2009-2055?
To protect against CVE-2009-2055, it is recommended to upgrade to a patched version of Cisco IOS XR beyond 3.8.1.
Is there a known workaround for CVE-2009-2055?
While upgrading is the best solution, using access control lists to filter malicious BGP UPDATE messages can serve as a temporary workaround for CVE-2009-2055.

agent/type
agent/softwarecombine
agent/remedy
agent/severity
agent/title
agent/weakness
agent/description
agent/references
agent/event
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/tags
agent/author
exploited/true
collector/cisa-known-exploited
source/CISA
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
collector/nvd-cve
collector/nvd-index
collector/nvd-historical
vendor/cisco
canonical/cisco ios xrv 9000
version/cisco ios xrv 9000/3.4
version/cisco ios xrv 9000/3.4.0
version/cisco ios xrv 9000/3.4.1
version/cisco ios xrv 9000/3.4.2
version/cisco ios xrv 9000/3.4.3
version/cisco ios xrv 9000/3.5
version/cisco ios xrv 9000/3.5.2
version/cisco ios xrv 9000/3.5.3
version/cisco ios xrv 9000/3.5.4
version/cisco ios xrv 9000/3.6.0
version/cisco ios xrv 9000/3.6.1
version/cisco ios xrv 9000/3.6.2
version/cisco ios xrv 9000/3.6.3
version/cisco ios xrv 9000/3.7.0
version/cisco ios xrv 9000/3.7.1
version/cisco ios xrv 9000/3.7.2
version/cisco ios xrv 9000/3.7.3
version/cisco ios xrv 9000/3.8.0
version/cisco ios xrv 9000/3.8.1