CVE-2017-12238: Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability
First published: Thu Sep 28 2017(Updated: )
A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS) condition. The vulnerability is due to a memory management issue in the affected software. An attacker could exploit this vulnerability by creating a large number of VPLS-generated MAC entries in the MAC address table of an affected device. A successful exploit could allow the attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a DoS condition. This vulnerability affects Cisco Catalyst 6800 Series Switches that are running a vulnerable release of Cisco IOS Software and have a Cisco C6800-16P10G or C6800-16P10G-XL line card in use with Supervisor Engine 6T. To be vulnerable, the device must also be configured with VPLS and the C6800-16P10G or C6800-16P10G-XL line card needs to be the core-facing MPLS interfaces. Cisco Bug IDs: CSCva61927.
Credit: ykramarz@cisco.com psirt@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS | =15.0\(1\)sy1 | |
| Cisco IOS | =15.1\(1\)sy | |
| Cisco IOS | =15.1\(1\)sy1 | |
| Cisco IOS | =15.1\(1\)sy2 | |
| Cisco IOS | =15.1\(1\)sy3 | |
| Cisco IOS | =15.1\(1\)sy4 | |
| Cisco IOS | =15.1\(1\)sy5 | |
| Cisco IOS | =15.1\(1\)sy6 | |
| Cisco IOS | =15.1\(2\)sy | |
| Cisco IOS | =15.1\(2\)sy1 | |
| Cisco IOS | =15.1\(2\)sy2 | |
| Cisco IOS | =15.1\(2\)sy3 | |
| Cisco IOS | =15.1\(2\)sy4 | |
| Cisco IOS | =15.1\(2\)sy4a | |
| Cisco IOS | =15.1\(2\)sy5 | |
| Cisco IOS | =15.1\(2\)sy6 | |
| Cisco IOS | =15.1\(2\)sy7 | |
| Cisco IOS | =15.1\(2\)sy8 | |
| Cisco IOS | =15.1\(2\)sy9 | |
| Cisco IOS | =15.1\(2\)sy10 | |
| Cisco IOS | =15.2\(1\)sy | |
| Cisco IOS | =15.2\(1\)sy0a | |
| Cisco IOS | =15.2\(1\)sy1 | |
| Cisco IOS | =15.2\(1\)sy1a | |
| Cisco IOS | =15.2\(1\)sy2 | |
| Cisco IOS | =15.2\(1\)sy3 | |
| Cisco IOS | =15.2\(1\)sy4 | |
| Cisco IOS | =15.2\(2\)sy | |
| Cisco IOS | =15.2\(2\)sy1 | |
| Cisco IOS | =15.2\(2\)sy2 | |
| Cisco IOS | =15.3\(1\)sy | |
| Cisco IOS | =15.3\(1\)sy1 | |
| Cisco IOS | =15.3\(1\)sy2 | |
| Cisco IOS | =15.4\(1\)sy | |
| Cisco Catalyst 6800 Series Switches | ||
| All of | ||
| Cisco IOS | >=15.0<=15.4 | |
| Any of | ||
| Cisco C6800-16P10G | ||
| Cisco Catalyst 6800 Series | ||
| Cisco Catalyst 6000 | ||
| Cisco Catalyst 6000 | =2.2\(1a\) | |
| Cisco Catalyst 6000 | =3.1\(1a\) | |
| Cisco Catalyst 6000 ws-svc-nam-2 | =2.2\(1a\) | |
| Cisco Catalyst 6000 ws-svc-nam-2 | =3.1\(1a\) | |
| Cisco Catalyst 6500 ws-x6380-nam | =2.1\(2\) | |
| Cisco Catalyst 6500 ws-x6380-nam | =3.1\(1a\) | |
| Cisco Catalyst 6500-E | ||
| Cisco Catalyst 6500-E | ||
| Cisco Catalyst 6500 Wireless Services Module | =2.2\(1a\) | |
| Cisco Catalyst 6500 Wireless Services Module | =3.1\(1a\) | |
| Cisco Catalyst 6000 ws-svc-nam-2 | =2.2\(1a\) | |
| Cisco Catalyst 6000 ws-svc-nam-2 | =3.1\(1a\) | |
| Cisco Catalyst 6500 Series Switches | =2.1\(2\) | |
| Cisco Catalyst 6500 Series Switches | =3.1\(1a\) | |
| cisco catalyst 6503-e firmware | ||
| Cisco Catalyst 6504-E Firmware | ||
| Cisco Catalyst 6506-E Firmware | ||
| Cisco Catalyst 6509-E Firmware | ||
| Cisco Catalyst 6509-NEB-A Firmware | ||
| Cisco Catalyst 6509-V-E | ||
| Cisco Catalyst 6513 | ||
| Cisco Catalyst 6513 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-12238?
CVE-2017-12238 is classified as a high severity vulnerability due to its potential to cause denial of service.
How do I fix CVE-2017-12238?
To fix CVE-2017-12238, upgrade affected Cisco IOS versions to a non-vulnerable release.
Which Cisco products are affected by CVE-2017-12238?
CVE-2017-12238 affects Cisco IOS versions 15.0 through 15.4 on the Catalyst 6800 Series Switches.
Can CVE-2017-12238 be exploited remotely?
CVE-2017-12238 cannot be exploited remotely as it requires adjacency to the target network.
What kind of attack can CVE-2017-12238 facilitate?
CVE-2017-12238 can facilitate a denial of service attack by causing the affected line card to crash.
- collector/nvd-index
- agent/type
- agent/description
- agent/title
- agent/weakness
- agent/severity
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- agent/source
- agent/author
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-cve
- vendor/cisco
- canonical/cisco ios
- version/cisco ios/15.0\(1\)sy1
- version/cisco ios/15.1\(1\)sy
- version/cisco ios/15.1\(1\)sy1
- version/cisco ios/15.1\(1\)sy2
- version/cisco ios/15.1\(1\)sy3
- version/cisco ios/15.1\(1\)sy4
- version/cisco ios/15.1\(1\)sy5
- version/cisco ios/15.1\(1\)sy6
- version/cisco ios/15.1\(2\)sy
- version/cisco ios/15.1\(2\)sy1
- version/cisco ios/15.1\(2\)sy2
- version/cisco ios/15.1\(2\)sy3
- version/cisco ios/15.1\(2\)sy4
- version/cisco ios/15.1\(2\)sy4a
- version/cisco ios/15.1\(2\)sy5
- version/cisco ios/15.1\(2\)sy6
- version/cisco ios/15.1\(2\)sy7
- version/cisco ios/15.1\(2\)sy8
- version/cisco ios/15.1\(2\)sy9
- version/cisco ios/15.1\(2\)sy10
- version/cisco ios/15.2\(1\)sy
- version/cisco ios/15.2\(1\)sy0a
- version/cisco ios/15.2\(1\)sy1
- version/cisco ios/15.2\(1\)sy1a
- version/cisco ios/15.2\(1\)sy2
- version/cisco ios/15.2\(1\)sy3
- version/cisco ios/15.2\(1\)sy4
- version/cisco ios/15.2\(2\)sy
- version/cisco ios/15.2\(2\)sy1
- version/cisco ios/15.2\(2\)sy2
- version/cisco ios/15.3\(1\)sy
- version/cisco ios/15.3\(1\)sy1
- version/cisco ios/15.3\(1\)sy2
- version/cisco ios/15.4\(1\)sy
- canonical/cisco catalyst 6800 series switches
- version/cisco ios/15.0
- version/cisco ios/15.4
- canonical/cisco c6800-16p10g
- canonical/cisco catalyst 6800 series
- canonical/cisco catalyst 6000
- version/cisco catalyst 6000/2.2\(1a\)
- version/cisco catalyst 6000/3.1\(1a\)
- canonical/cisco catalyst 6000 ws-svc-nam-2
- version/cisco catalyst 6000 ws-svc-nam-2/2.2\(1a\)
- version/cisco catalyst 6000 ws-svc-nam-2/3.1\(1a\)
- canonical/cisco catalyst 6500 ws-x6380-nam
- version/cisco catalyst 6500 ws-x6380-nam/2.1\(2\)
- version/cisco catalyst 6500 ws-x6380-nam/3.1\(1a\)
- canonical/cisco catalyst 6500-e
- canonical/cisco catalyst 6500 wireless services module
- version/cisco catalyst 6500 wireless services module/2.2\(1a\)
- version/cisco catalyst 6500 wireless services module/3.1\(1a\)
- canonical/cisco catalyst 6500 series switches
- version/cisco catalyst 6500 series switches/2.1\(2\)
- version/cisco catalyst 6500 series switches/3.1\(1a\)
- canonical/cisco catalyst 6503-e firmware
- canonical/cisco catalyst 6504-e firmware
- canonical/cisco catalyst 6506-e firmware
- canonical/cisco catalyst 6509-e firmware
- canonical/cisco catalyst 6509-neb-a firmware
- canonical/cisco catalyst 6509-v-e
- canonical/cisco catalyst 6513