BGP Security Vulnerabilities and CVSS Scoring System

Learn about BGP security vulnerabilities and their classification through CVSS scoring in this technical talk from NANOG featuring Jeffrey Haas and Matt Paulsen from Juniper Networks. Explore how seemingly minor software bugs in BGP can significantly impact global Internet routing infrastructure. Understand the Common Vulnerability Scoring System (CVSS) methodology used to evaluate and classify security issues, and examine its role in vendor security alerts and information disclosure policies. Gain insights from Jeffrey Haas, a Distinguished Engineer at Juniper Networks and IETF IDR Working Group Chair, who brings extensive experience in Internet technologies, routing protocols, and BGP implementation. Discover the complex relationship between bug classification, security vulnerability reporting, and the availability of information about BGP implementation defects that affect Internet routing stability.