CVE-2017-12238
Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
YesDecision
Descriptions
A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS) condition. The vulnerability is due to a memory management issue in the affected software. An attacker could exploit this vulnerability by creating a large number of VPLS-generated MAC entries in the MAC address table of an affected device. A successful exploit could allow the attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a DoS condition. This vulnerability affects Cisco Catalyst 6800 Series Switches that are running a vulnerable release of Cisco IOS Software and have a Cisco C6800-16P10G or C6800-16P10G-XL line card in use with Supervisor Engine 6T. To be vulnerable, the device must also be configured with VPLS and the C6800-16P10G or C6800-16P10G-XL line card needs to be the core-facing MPLS interfaces. Cisco Bug IDs: CSCva61927.
Una vulnerabilidad en el código VPLS (Virtual Private LAN Service) de Cisco IOS desde la versión 15.0 hasta la 15.4 para los switches de la serie 6800 de Cisco Catalyst podría permitir que un atacante adyacente sin autenticar provoque el cierre inesperado de las tarjetas de línea C6800-16P10G o C6800-16P10G-XL, provocando una denegación de servicio (DoS) como consecuencia. Esta vulnerabilidad se debe a un problema de gestión de memoria en el software afectado. Un atacante podría explotar esta vulnerabilidad creando un gran número de entradas MAC generadas por el VPLS en la tabla de direcciones MAC del dispositivo afectado. Si se explota con éxito, podría permitir que el atacante provoque el cierre inesperado de las tarjetas de línea C6800-16P10G o C6800-16P10G-XL, provocando una denegación de servicio (DoS) como consecuencia. Esta vulnerabilidad afecta a los switches de la serie 6800 de Cisco Catalyst que ejecutan una distribución vulnerable del software de Cisco IOS y tienen una tarjeta de línea Cisco C6800-16P10G o C6800-16P10G-XL que se utiliza con Supervisor Engine 6T. Para que sea vulnerable, el dispositivo tiene que estar también configurado con VPLS y la tarjeta de línea C6800-16P10G o C6800-16P10G-XL necesita estar en las interfaces conectadas al núcleo MPLS Cisco Bug IDs: CSCva61927.
A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-08-03 CVE Reserved
- 2017-09-28 CVE Published
- 2022-03-03 Exploited in Wild
- 2022-03-24 KEV Due Date
- 2024-06-10 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/101040 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039453 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-vpls | 2019-10-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.0\(1\)sy1 Search vendor "Cisco" for product "Ios" and version "15.0\(1\)sy1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(1\)sy Search vendor "Cisco" for product "Ios" and version "15.1\(1\)sy" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(1\)sy1 Search vendor "Cisco" for product "Ios" and version "15.1\(1\)sy1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(1\)sy2 Search vendor "Cisco" for product "Ios" and version "15.1\(1\)sy2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(1\)sy3 Search vendor "Cisco" for product "Ios" and version "15.1\(1\)sy3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(1\)sy4 Search vendor "Cisco" for product "Ios" and version "15.1\(1\)sy4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(1\)sy5 Search vendor "Cisco" for product "Ios" and version "15.1\(1\)sy5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(1\)sy6 Search vendor "Cisco" for product "Ios" and version "15.1\(1\)sy6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy1 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy2 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy3 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy4 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy4a Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy4a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy5 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy6 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy7 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy7" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy8 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy8" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy9 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy9" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.1\(2\)sy10 Search vendor "Cisco" for product "Ios" and version "15.1\(2\)sy10" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy0a Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy0a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy1 Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy1a Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy1a" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy2 Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy3 Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(1\)sy4 Search vendor "Cisco" for product "Ios" and version "15.2\(1\)sy4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(2\)sy Search vendor "Cisco" for product "Ios" and version "15.2\(2\)sy" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(2\)sy1 Search vendor "Cisco" for product "Ios" and version "15.2\(2\)sy1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.2\(2\)sy2 Search vendor "Cisco" for product "Ios" and version "15.2\(2\)sy2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.3\(1\)sy Search vendor "Cisco" for product "Ios" and version "15.3\(1\)sy" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.3\(1\)sy1 Search vendor "Cisco" for product "Ios" and version "15.3\(1\)sy1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.3\(1\)sy2 Search vendor "Cisco" for product "Ios" and version "15.3\(1\)sy2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.4\(1\)sy Search vendor "Cisco" for product "Ios" and version "15.4\(1\)sy" | - |
Affected
| ||||||