Vulnerabilities > Siemens > Ruggedcom ROX II

DATE CVE VULNERABILITY TITLE RISK
2018-02-19 CVE-2018-5381 Infinite Loop vulnerability in multiple products
The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function.
network
low complexity
quagga canonical debian siemens CWE-835
5.0
5.0
2018-02-19 CVE-2018-5380 Out-of-bounds Read vulnerability in multiple products
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.
network
low complexity
quagga debian canonical siemens CWE-125
4.0
4.0
2018-02-19 CVE-2018-5379 Double Free vulnerability in multiple products
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes.
network
low complexity
quagga debian canonical redhat siemens CWE-415
7.5
7.5