Cisco IOS Software VPLS denial of service (cisco-sa-20170927-vpls)
High Nessus Plugin ID 103672
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAccording to its self-reported version and configuration, the Cisco IOS software running on the remote device is affected by a denial of service vulnerability in the Virtual Private LAN Service (VPLS) feature. An unauthenticated, remote attacker can exploit this, via specially crafted requests, to cause the switch to stop processing traffic, requiring a device restart to regain functionality.
SolutionUpgrade to the relevant fixed version referenced in Cisco bug ID CSCva61927.