CVE-2017-12238

Date: 2017-09-29 01:34:48
CWE-399
cisco
web.nvd.nist.gov
830
In Wild
Tags: cisco, vulnerability, vpls, denial of service, dos, memory management, cve-2017-12238, nvd, cisco catalyst 6800 series switches, cisco ios software, cisco bug ids

CVSS2

Score: 3.3
Attack Vector: ADJACENT_NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL
Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P

CVSS3

Score: 6.5
Attack Vector: ADJACENT
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

Score: 0.002
Percentile: 56.6%

A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS) condition. The vulnerability is due to a memory management issue in the affected software. An attacker could exploit this vulnerability by creating a large number of VPLS-generated MAC entries in the MAC address table of an affected device. A successful exploit could allow the attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a DoS condition. This vulnerability affects Cisco Catalyst 6800 Series Switches that are running a vulnerable release of Cisco IOS Software and have a Cisco C6800-16P10G or C6800-16P10G-XL line card in use with Supervisor Engine 6T. To be vulnerable, the device must also be configured with VPLS and the C6800-16P10G or C6800-16P10G-XL line card needs to be the core-facing MPLS interfaces. Cisco Bug IDs: CSCva61927.

Affected configurations

Nvd, Node:

| Operator | Vendor | Product | Type | Version |
|---|---|---|---|---|
| | cisco | ios | Range | 15.0 to 15.4 |
| AND | cisco | c6800-16p10g | Match | - |
| OR | cisco | c6800-16p10g-xl | Match | - |
| OR | cisco | catalyst_6000 | Match | - |
| OR | cisco | catalyst_6000_ws-svc-nam-1 | Match | `2.2\(1a\)` |
| OR | cisco | catalyst_6000_ws-svc-nam-1 | Match | `3.1\(1a\)` |
| OR | cisco | catalyst_6000_ws-svc-nam-2 | Match | `2.2\(1a\)` |
| OR | cisco | catalyst_6000_ws-svc-nam-2 | Match | `3.1\(1a\)` |
| OR | cisco | catalyst_6000_ws-x6380-nam | Match | `2.1\(2\)` |
| OR | cisco | catalyst_6000_ws-x6380-nam | Match | `3.1\(1a\)` |
| OR | cisco | catalyst_6500 | Match | - |
| OR | cisco | catalyst_6500-e | Match | - |
| OR | cisco | catalyst_6500_ws-svc-nam-1 | Match | `2.2\(1a\)` |
| OR | cisco | catalyst_6500_ws-svc-nam-1 | Match | `3.1\(1a\)` |
| OR | cisco | catalyst_6500_ws-svc-nam-2 | Match | `2.2\(1a\)` |
| OR | cisco | catalyst_6500_ws-svc-nam-2 | Match | `3.1\(1a\)` |
| OR | cisco | catalyst_6500_ws-x6380-nam | Match | `2.1\(2\)` |
| OR | cisco | catalyst_6500_ws-x6380-nam | Match | `3.1\(1a\)` |
| OR | cisco | catalyst_6503-e | Match | - |
| OR | cisco | catalyst_6504-e | Match | - |
| OR | cisco | catalyst_6506-e | Match | - |
| OR | cisco | catalyst_6509-e | Match | - |
| OR | cisco | catalyst_6509-neb-a | Match | - |
| OR | cisco | catalyst_6509-v-e | Match | - |
| OR | cisco | catalyst_6513 | Match | - |
| OR | cisco | catalyst_6513-e | Match | - |

| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | ios | `*` | `cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*` |
| cisco | c6800-16p10g | - | `cpe:2.3:h:cisco:c6800-16p10g:-:*:*:*:*:*:*:*` |
| cisco | c6800-16p10g-xl | - | `cpe:2.3:h:cisco:c6800-16p10g-xl:-:*:*:*:*:*:*:*` |
| cisco | catalyst_6000 | - | `cpe:2.3:h:cisco:catalyst_6000:-:*:*:*:*:*:*:*` |
| cisco | catalyst_6000_ws-svc-nam-1 | 2.2(1a) | `cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:2.2\(1a\):*:*:*:*:*:*:*` |
| cisco | catalyst_6000_ws-svc-nam-1 | 3.1(1a) | `cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:3.1\(1a\):*:*:*:*:*:*:*` |
| cisco | catalyst_6000_ws-svc-nam-2 | 2.2(1a) | `cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:2.2\(1a\):*:*:*:*:*:*:*` |
| cisco | catalyst_6000_ws-svc-nam-2 | 3.1(1a) | `cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:3.1\(1a\):*:*:*:*:*:*:*` |
| cisco | catalyst_6000_ws-x6380-nam | 2.1(2) | `cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:2.1\(2\):*:*:*:*:*:*:*` |
| cisco | catalyst_6000_ws-x6380-nam | 3.1(1a) | `cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:3.1\(1a\):*:*:*:*:*:*:*` |

CNA Affected

[
  {
    "product": "Cisco IOS",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco IOS"
      }
    ]
  }
]
