LIVE NEWSROOM · --:-- · May 25, 2026
A LIBRARY FOR SECURITY RESEARCHERS

CVE DATABASE  /  CVE-2017-12238

CVE-2017-12238

Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability

CVSS 6.5 · MEDIUM ⚠ CISA KEV — ACTIVELY EXPLOITED
On the CISA KEV catalog

Confirmed exploited in the wild. Added 2022-03-03. Federal remediation due 2022-03-24.
Required action: Apply updates per vendor instructions.

Summary

A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS) condition. The vulnerability is due to a memory management issue in the affected software. An attacker could exploit this vulnerability by creating a large number of VPLS-generated MAC entries in the MAC address table of an affected device. A successful exploit could allow the attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a DoS condition. This vulnerability affects Cisco Catalyst 6800 Series Switches that are running a vulnerable release of Cisco IOS Software and have a Cisco C6800-16P10G or C6800-16P10G-XL line card in use with Supervisor Engine 6T. To be vulnerable, the device must also be configured with VPLS and the C6800-16P10G or C6800-16P10G-XL line card needs to be the core-facing MPLS interfaces. Cisco Bug IDs: CSCva61927.

CVSS 3.1 breakdown

Base score6.5 (MEDIUM)
VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack vectorADJACENT_NETWORK
Attack complexityLOW
Privileges requiredNONE
User interactionNONE
ScopeUNCHANGED
ConfidentialityNONE
IntegrityNONE
AvailabilityHIGH

Weakness type (CWE)

Affected products

Cisco iosCisco c6800-16p10gCisco c6800-16p10g-xlCisco catalyst 6000Cisco catalyst 6000 ws-svc-nam-1Cisco catalyst 6000 ws-svc-nam-2Cisco catalyst 6000 ws-x6380-namCisco catalyst 6500Cisco catalyst 6500-eCisco catalyst 6500 ws-svc-nam-1Cisco catalyst 6500 ws-svc-nam-2Cisco catalyst 6500 ws-x6380-namCisco catalyst 6503-eCisco catalyst 6504-eCisco catalyst 6506-eCisco catalyst 6509-eCisco catalyst 6509-neb-aCisco catalyst 6509-v-eCisco catalyst 6513Cisco catalyst 6513-e
Check this CVE live

Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.

References

Data: NIST NVD + CISA KEV. NVD last modified 2026-04-21. Always verify against the vendor advisory before acting.

Scroll to Top