CVE-2017-12238

A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS) condition. The vulnerability is due to a memory management issue in the affected software. An attacker could exploit this vulnerability by creating a large number of VPLS-generated MAC entries in the MAC address table of an affected device. A successful exploit could allow the attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a DoS condition. This vulnerability affects Cisco Catalyst 6800 Series Switches that are running a vulnerable release of Cisco IOS Software and have a Cisco C6800-16P10G or C6800-16P10G-XL line card in use with Supervisor Engine 6T. To be vulnerable, the device must also be configured with VPLS and the C6800-16P10G or C6800-16P10G-XL line card needs to be the core-facing MPLS interfaces. Cisco Bug IDs: CSCva61927.
References
Link Resource
http://www.securityfocus.com/bid/101040 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039453 Broken Link Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-vpls Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:c6800-16p10g:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c6800-16p10g-xl:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6000:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:2.2\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:3.1\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:2.2\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:3.1\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:2.1\(2\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:3.1\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:2.2\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:3.1\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:2.2\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:3.1\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:2.1\(2\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:3.1\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6503-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6504-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6506-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6509-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6509-neb-a:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6509-v-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6513:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6513-e:-:*:*:*:*:*:*:*

History

18 Jul 2024, 13:24

Type Values Removed Values Added
CPE cpe:2.3:h:cisco:c6800-16p10g:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:c6800-16p10g-xl:-:*:*:*:*:*:*:*
First Time Cisco c6800-16p10g-xl
Cisco c6800-16p10g

16 Jul 2024, 17:26

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/101040 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/101040 - Broken Link, Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1039453 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1039453 - Broken Link, Third Party Advisory, VDB Entry
First Time Cisco catalyst 6500
Cisco catalyst 6000 Ws-x6380-nam
Cisco catalyst 6513
Cisco catalyst 6500 Ws-x6380-nam
Cisco catalyst 6000 Ws-svc-nam-1
Cisco catalyst 6000 Ws-svc-nam-2
Cisco catalyst 6503-e
Cisco catalyst 6000
Cisco catalyst 6504-e
Cisco catalyst 6509-neb-a
Cisco catalyst 6500 Ws-svc-nam-2
Cisco catalyst 6506-e
Cisco catalyst 6509-e
Cisco catalyst 6500 Ws-svc-nam-1
Cisco catalyst 6513-e
Cisco catalyst 6509-v-e
Cisco catalyst 6500-e
CPE cpe:2.3:o:cisco:ios:15.2\(1\)sy:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.3\(1\)sy1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(2\)sy2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(1\)sy6:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.0\(1\)sy1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(1\)sy2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.2\(1\)sy1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(2\)sy9:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(2\)sy4a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(1\)sy3:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(2\)sy10:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(2\)sy8:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(1\)sy4:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.3\(1\)sy:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.2\(1\)sy0a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.2\(1\)sy4:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.2\(1\)sy2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.2\(2\)sy1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(1\)sy:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.2\(2\)sy2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(1\)sy5:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.4\(1\)sy:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.2\(2\)sy:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(2\)sy:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.2\(1\)sy1a:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(1\)sy1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(2\)sy1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(2\)sy5:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(2\)sy7:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.3\(1\)sy2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.2\(1\)sy3:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(2\)sy4:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(2\)sy6:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1\(2\)sy3:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6509-v-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:2.1\(2\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6509-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:3.1\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6509-neb-a:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:3.1\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:2.1\(2\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:3.1\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6513:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:3.1\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6503-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:3.1\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:2.2\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:3.1\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6506-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6504-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6513-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:2.2\(1a\):*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6000:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:2.2\(1a\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:2.2\(1a\):*:*:*:*:*:*:*

Information

Published : 2017-09-29 01:34

Updated : 2024-07-18 13:24


NVD link : CVE-2017-12238

Mitre link : CVE-2017-12238

CVE.ORG link : CVE-2017-12238


JSON object : View

Products Affected

cisco

  • catalyst_6506-e
  • catalyst_6513-e
  • catalyst_6500_ws-x6380-nam
  • catalyst_6000_ws-x6380-nam
  • catalyst_6500-e
  • catalyst_6000_ws-svc-nam-1
  • ios
  • catalyst_6504-e
  • catalyst_6509-v-e
  • catalyst_6500_ws-svc-nam-2
  • catalyst_6513
  • c6800-16p10g
  • catalyst_6500_ws-svc-nam-1
  • catalyst_6500
  • catalyst_6000_ws-svc-nam-2
  • catalyst_6509-e
  • catalyst_6503-e
  • catalyst_6000
  • c6800-16p10g-xl
  • catalyst_6509-neb-a
CWE
NVD-CWE-noinfo CWE-399

Resource Management Errors