CVE-2023-45886: 
F5 BIG-IP Virtual Edition vulnerability analysis and mitigation

CVE-2023-45886 is a vulnerability in the BGP daemon (bgpd) of IP Infusion ZebOS through version 7.10.6. The vulnerability was discovered in 2023 and allows remote attackers to cause a denial of service by sending crafted BGP update messages containing a malformed attribute (NVD, CVE).

The vulnerability has a CVSS v3.1 base score of 7.5 (HIGH) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. The issue occurs when processing BGP update messages containing malformed path attributes, where instead of ignoring invalid updates, affected systems reset the underlying TCP connection for the BGP session and de-peer the router (CERT Advisory, BGP Blog).

When exploited, this vulnerability can cause BGP sessions to reset, leading to routing instability and potential network outages. Since BGP sessions are critical for internet connectivity, a successful attack could disrupt traffic flow and impact network communication. The issue is particularly concerning as it can propagate across networks, potentially affecting multiple systems (BGP Blog).

F5 has published advisory K000137315 addressing the ZebOS BGP vulnerability. The issue affects multiple F5 BIG-IP products through the vulnerable ZebOS bgpd component from IP Infusion. Organizations using affected systems should apply the recommended patches or configuration changes as detailed in the vendor advisories (F5 Advisory).