Lucene search

CiscoCISCO-SA-20170927-VPLS

HistorySep 27, 2017 - 4:00 p.m.

Cisco IOS Software for Cisco Catalyst 6800 Series Switches VPLS Denial of Service Vulnerability

2017-09-2716:00:00

tools.cisco.com

EPSS

0.002

Percentile

56.6%

JSON

A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS Software for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS) condition.

The vulnerability is due to a memory management issue in the affected software. An attacker could exploit this vulnerability by creating a large number of VPLS-generated MAC entries in the MAC address table of an affected device. A successful exploit could allow the attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-vpls [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-vpls”]

This advisory is part of the September 27, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 13 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-63410”].

Affected configurations

Vulners

Node

ciscoiosMatch15.1sy

ciscoiosMatch15.2sy

ciscoiosMatch15.3sy

ciscoiosMatch15.4sy

ciscoiosMatch15.1\(1\)sy

ciscoiosMatch15.1\(1\)sy1

ciscoiosMatch15.1\(2\)sy

ciscoiosMatch15.1\(2\)sy1

ciscoiosMatch15.1\(2\)sy2

ciscoiosMatch15.1\(1\)sy2

ciscoiosMatch15.1\(1\)sy3

ciscoiosMatch15.1\(2\)sy3

ciscoiosMatch15.1\(1\)sy4

ciscoiosMatch15.1\(2\)sy4

ciscoiosMatch15.1\(1\)sy5

ciscoiosMatch15.1\(2\)sy5

ciscoiosMatch15.1\(2\)sy4a

ciscoiosMatch15.1\(1\)sy6

ciscoiosMatch15.1\(2\)sy6

ciscoiosMatch15.1\(2\)sy7

ciscoiosMatch15.1\(2\)sy8

ciscoiosMatch15.1\(2\)sy9

ciscoiosMatch15.1\(2\)sy10

ciscoiosMatch15.2\(1\)sy

ciscoiosMatch15.2\(1\)sy1

ciscoiosMatch15.2\(1\)sy0a

ciscoiosMatch15.2\(1\)sy2

ciscoiosMatch15.2\(2\)sy

ciscoiosMatch15.2\(1\)sy1a

ciscoiosMatch15.2\(2\)sy1

ciscoiosMatch15.2\(2\)sy2

ciscoiosMatch15.2\(1\)sy3

ciscoiosMatch15.2\(1\)sy4

ciscoiosMatch15.3\(1\)sy

ciscoiosMatch15.3\(0\)sy

ciscoiosMatch15.3\(1\)sy1

ciscoiosMatch15.3\(1\)sy2

ciscoiosMatch15.4\(1\)sy

VendorProductVersionCPE
ciscoios15.1sycpe:2.3:o:cisco:ios:15.1sy:*:*:*:*:*:*:*
ciscoios15.2sycpe:2.3:o:cisco:ios:15.2sy:*:*:*:*:*:*:*
ciscoios15.3sycpe:2.3:o:cisco:ios:15.3sy:*:*:*:*:*:*:*
ciscoios15.4sycpe:2.3:o:cisco:ios:15.4sy:*:*:*:*:*:*:*
ciscoios15.1(1)sycpe:2.3:o:cisco:ios:15.1\(1\)sy:*:*:*:*:*:*:*
ciscoios15.1(1)sy1cpe:2.3:o:cisco:ios:15.1\(1\)sy1:*:*:*:*:*:*:*
ciscoios15.1(2)sycpe:2.3:o:cisco:ios:15.1\(2\)sy:*:*:*:*:*:*:*
ciscoios15.1(2)sy1cpe:2.3:o:cisco:ios:15.1\(2\)sy1:*:*:*:*:*:*:*
ciscoios15.1(2)sy2cpe:2.3:o:cisco:ios:15.1\(2\)sy2:*:*:*:*:*:*:*
ciscoios15.1(1)sy2cpe:2.3:o:cisco:ios:15.1\(1\)sy2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	15.1sy	cpe:2.3:o:cisco:ios:15.1sy:::::::*
cisco	ios	15.2sy	cpe:2.3:o:cisco:ios:15.2sy:::::::*
cisco	ios	15.3sy	cpe:2.3:o:cisco:ios:15.3sy:::::::*
cisco	ios	15.4sy	cpe:2.3:o:cisco:ios:15.4sy:::::::*
cisco	ios	15.1(1)sy	cpe:2.3:o:cisco:ios:15.1\(1\)sy:::::::*
cisco	ios	15.1(1)sy1	cpe:2.3:o:cisco:ios:15.1\(1\)sy1:::::::*
cisco	ios	15.1(2)sy	cpe:2.3:o:cisco:ios:15.1\(2\)sy:::::::*
cisco	ios	15.1(2)sy1	cpe:2.3:o:cisco:ios:15.1\(2\)sy1:::::::*
cisco	ios	15.1(2)sy2	cpe:2.3:o:cisco:ios:15.1\(2\)sy2:::::::*
cisco	ios	15.1(1)sy2	cpe:2.3:o:cisco:ios:15.1\(1\)sy2:::::::*