High severity7.5CISA KEVNVD Advisory· Published Aug 30, 2010· Updated Apr 22, 2026

CVE-2010-3035

Description

Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.

Affected products

Cisco Systems, Inc./Ios Xr
cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*
Range: >=3.4.0,<=3.9.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtmlnvdBroken LinkVendor Advisory
www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
exchange.xforce.ibmcloud.com/vulnerabilities/61443nvdVDB EntryVendor Advisory
mailman.nanog.org/pipermail/nanog/2010-August/024837.htmlnvdMailing List
osvdb.org/67696nvdBroken Link
secunia.com/advisories/41190nvdBroken Link
www.vupen.com/english/advisories/2010/2227nvdBroken Link
www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.004
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000