Available Languages

Updated:August 18, 2015

Document ID:1454798369138155

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Cisco Security Advisory

Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak

High

Advisory ID:

cisco-sa-20080326-mvpn

First Published:

2008 March 26 16:00 GMT

Version 1.3:

Final

Workarounds:

See below

Cisco Bug IDs:

CSCsi01470

CVE-2008-1156

CVSS Score:

Base 7.5, Temporal 6.2

CVE-2008-1156

Download CVRF

Summary

A vulnerability in the Cisco implementation of Multicast Virtual Private Network (MVPN) is subject to exploitation that can allow a malicious user to create extra multicast states on the core routers or receive multicast traffic from other Multiprotocol Label Switching (MPLS) based Virtual Private Networks (VPN) by sending specially crafted messages.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20080326-mvpn.

Note: The March 26, 2008 publication includes five Security Advisories. The Advisories all affect Cisco IOS. Each Advisory lists the releases that correct the vulnerability described in the Advisory, and the Advisories also detail the releases that correct the vulnerabilities in all five Advisories.

Individual publication links are listed below:
- Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability
  https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20080326-pptp
- Multiple DLSw Denial of Service Vulnerabilities in Cisco IOS
  https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20080326-dlsw
- Cisco IOS User Datagram Protocol Delivery Issue For IPv4/IPv6 Dual-stack Routers
  https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20080326-IPv4IPv6
- Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720
  https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20080326-queue
- Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak
  https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20080326-mvpn

Affected Products

Vulnerable Products

Devices that run Cisco IOS and are configured for MVPN are affected.

An IOS device that is configured for MVPN has a line that is similar to this in the running configuration example:

mdt default <group-address>

In order to determine the software that runs on a Cisco IOS product, log in to the device and issue the show version command to display the system banner. Cisco IOS^® software identifies itself as "Internetwork Operating System Software" or simply "IOS." On the next line of output, the image name displays between parentheses, followed by "Version" and the Cisco IOS release name. Other Cisco devices do not have the show version command or give different output.

The following example shows output from a device that runs an IOS image:

Router>show version Cisco IOS Software, 7200 Software (C7200-IK9S-M), Version 12.3(14)T1, RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2005 by Cisco Systems, Inc. Compiled Thu 31-Mar-05 08:04 by yiyan

Additional information about Cisco IOS release naming is available at the following link: http://www.cisco.com/warp/public/620/1.html.

Products Confirmed Not Vulnerable

No other Cisco products, including IOS XR software, are currently known to be affected by this vulnerability.

Details

MVPN architecture introduces an additional set of protocols and procedures that help enable a service provider to support multicast traffic in an MPLS VPN. MVPN allows the transparent transport of IP multicast traffic across the MPLS VPN backbone of a provider and allows a service provider to offer multicast services to MPLS VPN customers.

A vulnerability exists in the implementation of MVPN that allows an attacker to send specially crafted Multicast Distribution Tree (MDT) Data Join messages that can cause the creation of extra multicast states on the core routers. MDT Data Join messages can be sent in unicast or multicast. The vulnerability can also allow leaking multicast traffic from different MPLS VPNs. It is possible to receive multicast traffic from VPNs that are not connected to the same Provider Edge (PE) router. In order to successfully exploit this vulnerability, an attacker needs to know or guess the Border Gateway Protocol (BGP) peering IP address of a remote PE router and the address of the multicast group that is used in other MPLS VPNs.

This vulnerability is documented in the Cisco Bug ID CSCsi01470 ( registered customers only) and has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2008-1156.

Workarounds

The workaround for this vulnerability consists of filtering MDT Data Join packets on the PE device.

The workarounds need to be applied on all Virtual Routing and Forwarding (VRF) interfaces of all PE routers. Otherwise, attackers can target remote PE routers and can still exploit this vulnerability.

Even if only one PE router in the network runs an unfixed version of IOS code, it is vulnerable to packets that come from systems that are connected to remote PE routers. In such a case, workarounds need to be deployed on all PE routers to successfully mitigate this vulnerability.

The mdt data <group> <mask> or mdt data <group> <mask> threshold <n> list <acl> commands do not mitigate this vulnerability.

Filtering Packets to UDP Port 3232

MDT Data Join messages are sent to UDP port 3232. Creating an access-list that filters destination UDP port 3232 and applying it on the VRF interface of the PE router mitigates this vulnerability. Such an access-list looks like this:
```
access-list 100 deny udp any any eq 3232
access-list 100 permit ip any any

interface Serial 0/0
  ip vrf forwarding <vpn-1>
  ...
  ip access-group 100 in
```
Note that this access-list can also filter legitimate traffic that is destined to UDP port 3232. In such a case, the access-list can be modified to be more specific by providing individual BGP peer IP addresses. This is explained in the section that follows.

Filtering BGP Peer IP Addresses on the VRF Interface

In order to successfully exploit this vulnerability, an attacker needs to send MDT Data Join messages by spoofing the packets from the IP address of one of the existing iBGP peers. Because MDT Data Join messages are only used between PE routers, the packets from CE devices can safely be filtered.

Creating an access-list that filters iBGP peer IP addresses as source addresses and applying it on the VRF interface of the PE router mitigates this vulnerability. The access-list needs to filter all iBGP peer IP addresses. Such an access-list looks like this example:
```
access-list 100 deny udp host <ibgp-peer-1> any eq 3232 
access-list 100 deny udp host <ibgp-peer-2> any eq 3232
...
access-list 100 deny udp host <ibgp-peer-n> any eq 3232 
access-list 100 permit ip any any

interface Serial 0/0
  ip vrf forwarding <vpn-1>
  ...
  ip access-group 100 in
```
Additional mitigation techniques that can be deployed on Cisco devices within the network are available in the Cisco Applied Mitigation Bulletin companion document for this advisory:

https://sec.cloudapps.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080326-mvpn

Fixed Software

When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.

In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance.

Each row of the Cisco IOS software table (below) names a Cisco IOS release train. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release" column of the table. The "Recommended Release" column indicates the releases which have fixes for all the published vulnerabilities at the time of this Advisory. A device running a release in the given train that is earlier than the release in a specific column (less than the First Fixed Release) is known to be vulnerable. Cisco recommends upgrading to a release equal to or later than the release in the "Recommended Releases" column of the table.

Major Release	Availability of Repaired Releases
Affected 12.0-Based Releases	First Fixed Release	Recommended Release
12.0	Not Vulnerable
12.0DA	Not Vulnerable
12.0DB	Not Vulnerable
12.0DC	Not Vulnerable
12.0S	12.0(32)S9 12.0(33)S
12.0SC	Not Vulnerable
12.0SL	Not Vulnerable
12.0SP	Not Vulnerable
12.0ST	Not Vulnerable
12.0SX	Vulnerable; Contact TAC
12.0SY	12.0(32)SY4
12.0SZ	12.0(30)SZ4
12.0T	Not Vulnerable
12.0W	Not Vulnerable
12.0WC	Not Vulnerable
12.0WT	Not Vulnerable
12.0XA	Not Vulnerable
12.0XB	Not Vulnerable
12.0XC	Not Vulnerable
12.0XD	Not Vulnerable
12.0XE	Not Vulnerable
12.0XF	Not Vulnerable
12.0XG	Not Vulnerable
12.0XH	Not Vulnerable
12.0XI	Not Vulnerable
12.0XJ	Not Vulnerable
12.0XK	Not Vulnerable
12.0XL	Not Vulnerable
12.0XM	Not Vulnerable
12.0XN	Not Vulnerable
12.0XQ	Not Vulnerable
12.0XR	Not Vulnerable
12.0XS	Not Vulnerable
12.0XV	Not Vulnerable
12.0XW	Not Vulnerable
Affected 12.1-Based Releases	First Fixed Release	Recommended Release
There are no affected 12.1 based releases
Affected 12.2-Based Releases	First Fixed Release	Recommended Release
12.2	Not Vulnerable
12.2B	Vulnerable; first fixed in 12.4	12.4(18a)
12.2BC	Vulnerable; first fixed in 12.3BC	12.3(23)BC1
12.2BW	Not Vulnerable
12.2BY	Not Vulnerable
12.2BZ	Vulnerable; first fixed in 12.3XI
12.2CX	Vulnerable; first fixed in 12.3BC	12.3(23)BC1
12.2CY	Not Vulnerable
12.2CZ	Vulnerable; contact TAC
12.2DA	Not Vulnerable
12.2DD	Not Vulnerable
12.2DX	Not Vulnerable
12.2EU	Vulnerable; first fixed in 12.2SG	12.2(25)EWA13 12.2(31)SGA5 12.2(44)SG
12.2EW	Vulnerable; first fixed in 12.2SG	12.2(25)EWA13 12.2(31)SGA5 12.2(44)SG
12.2EWA	12.2(25)EWA10 12.2(25)EWA11	12.2(25)EWA13
12.2EX	12.2(37)EX	12.2(40)EX1
12.2EY	12.2(37)EY
12.2EZ	Vulnerable; first fixed in 12.2SEE
12.2FX	Not Vulnerable
12.2FY	Not Vulnerable
12.2FZ	Vulnerable; first fixed in 12.2SE	12.2(44)SE1
12.2IXA	Vulnerable; first fixed in 12.2IXD
12.2IXB	Vulnerable; first fixed in 12.2IXD
12.2IXC	Vulnerable; first fixed in 12.2IXD
12.2IXD	12.2(18)IXD1
12.2IXE	Not Vulnerable
12.2JA	Not Vulnerable
12.2JK	Not Vulnerable
12.2MB	Not Vulnerable
12.2MC	12.2(15)MC2h	12.2(15)MC2k
12.2S	12.2(14)S18 12.2(18)S13 12.2(20)S14 12.2(25)S13	12.2(25)S15
12.2SB	12.2(28)SB7 12.2(31)SB5 12.2(33)SB; Available on 31-MAR-2008	12.2(31)SB11
12.2SBC	Vulnerable; first fixed in 12.2SB; Available on 31-MAR-2008	12.2(31)SB11
12.2SCA	Not Vulnerable
12.2SE	12.2(35)SE4 12.2(37)SE	12.2(44)SE1
12.2SEA	Vulnerable; first fixed in 12.2SEE
12.2SEB	Vulnerable; first fixed in 12.2SEE
12.2SEC	Vulnerable; first fixed in 12.2SEE
12.2SED	Vulnerable; first fixed in 12.2SEE
12.2SEE	12.2(25)SEE4
12.2SEF	Not Vulnerable
12.2SEG	12.2(25)SEG3	12.2(25)SEG4
12.2SG	12.2(25)SG2 12.2(31)SG2 12.2(37)SG1 12.2(40)SG	12.2(44)SG
12.2SGA	12.2(31)SGA2 12.2(31)SGA3 12.2(31)SGA6; Available on 07-APR-2008	12.2(31)SGA5
12.2SL	Not Vulnerable
12.2SM	12.2(29)SM2
12.2SO	Vulnerable; migrate to any release in 12.2SVA	12.2(29)SVD
12.2SRA	12.2(33)SRA4	12.2(33)SRA7
12.2SRB	12.2(33)SRB1	12.2(33)SRB3; Available on 14-APR-08
12.2SRC	Not Vulnerable
12.2SU	Vulnerable; first fixed in 12.4	12.4(18a)
12.2SV	12.2(29b)SV	12.2(29b)SV
12.2SVA	Not Vulnerable
12.2SVC	Not Vulnerable
12.2SVD	Not Vulnerable
12.2SW	12.2(25)SW11
12.2SX	Vulnerable; first fixed in 12.2SXF	12.2(18)SXF13
12.2SXA	Vulnerable; first fixed in 12.2SXF	12.2(18)SXF13
12.2SXB	Vulnerable; first fixed in 12.2SXF	12.2(18)SXF13
12.2SXD	Vulnerable; first fixed in 12.2SXF	12.2(18)SXF13
12.2SXE	Vulnerable; first fixed in 12.2SXF	12.2(18)SXF13
12.2SXF	12.2(18)SXF10 12.2(18)SXF10a 12.2(18)SXF12a	12.2(18)SXF13
12.2SXH	Not Vulnerable
12.2SY	Vulnerable; first fixed in 12.2SXF	12.2(18)SXF13
12.2SZ	Vulnerable; first fixed in 12.2S	12.2(25)S15 12.2(31)SB11 12.2(33)SRC
12.2T	Vulnerable; first fixed in 12.3	12.3(26)
12.2TPC	Not Vulnerable
12.2UZ	Vulnerable; first fixed in 12.2SB; Available on 31-MAR-2008	12.2(31)SB11
12.2XA	Not Vulnerable
12.2XB	Not Vulnerable
12.2XC	Not Vulnerable
12.2XD	Not Vulnerable
12.2XE	Not Vulnerable
12.2XF	Not Vulnerable
12.2XG	Not Vulnerable
12.2XH	Not Vulnerable
12.2XI	Not Vulnerable
12.2XJ	Not Vulnerable
12.2XK	Not Vulnerable
12.2XL	Not Vulnerable
12.2XM	Not Vulnerable
12.2XN	12.2(33)XN1	12.3(26)
12.2XO	Not Vulnerable
12.2XQ	Not Vulnerable
12.2XR	Not Vulnerable
12.2XS	Not Vulnerable
12.2XT	Not Vulnerable
12.2XU	Not Vulnerable
12.2XV	Not Vulnerable
12.2XW	Not Vulnerable
12.2YA	Not Vulnerable
12.2YB	Not Vulnerable
12.2YC	Not Vulnerable
12.2YD	Not Vulnerable
12.2YE	Not Vulnerable
12.2YF	Not Vulnerable
12.2YG	Not Vulnerable
12.2YH	Vulnerable; first fixed in 12.3	12.3(26)
12.2YJ	Vulnerable; first fixed in 12.3	12.3(26)
12.2YK	Not Vulnerable
12.2YL	Vulnerable; first fixed in 12.4	12.4(18a)
12.2YM	Vulnerable; first fixed in 12.4	12.4(18a)
12.2YN	Vulnerable; first fixed in 12.4	12.4(18a)
12.2YO	Not Vulnerable
12.2YP	Not Vulnerable
12.2YQ	Vulnerable; first fixed in 12.4	12.4(18a)
12.2YR	Vulnerable; first fixed in 12.4	12.4(18a)
12.2YS	Not Vulnerable
12.2YT	Vulnerable; first fixed in 12.3	12.3(26)
12.2YU	Vulnerable; first fixed in 12.4	12.4(18a)
12.2YV	Vulnerable; first fixed in 12.4	12.4(18a)
12.2YW	Not Vulnerable
12.2YX	Vulnerable; first fixed in 12.4	12.4(18a)
12.2YY	Not Vulnerable
12.2YZ	Vulnerable; first fixed in 12.2S	12.2(25)S15 12.2(31)SB11 12.2(33)SRC
12.2ZA	Vulnerable; first fixed in 12.2SXF	12.2(18)SXF13
12.2ZB	Not Vulnerable
12.2ZC	Vulnerable; first fixed in 12.4	12.4(18a)
12.2ZD	Vulnerable; contact TAC
12.2ZE	Vulnerable; first fixed in 12.3	12.3(26)
12.2ZF	Vulnerable; first fixed in 12.4	12.4(18a)
12.2ZG	Vulnerable; first fixed in 12.3YG	12.4(15)T4 12.4(18a)
12.2ZH	12.2(13)ZH9	12.2(13)ZH11
12.2ZJ	Vulnerable; first fixed in 12.4	12.4(18a)
12.2ZL	Vulnerable; first fixed in 12.4	12.4(15)T4 12.4(18a)
12.2ZP	Vulnerable; first fixed in 12.4	12.4(18a)
12.2ZU	Vulnerable; migrate to any release in 12.2SXH	12.2(33)SXH2
12.2ZY	12.2(18)ZY1	12.2(18)ZY2
Affected 12.3-Based Releases	First Fixed Release	Recommended Release
12.3	12.3(17c) 12.3(18a) 12.3(19a) 12.3(20a) 12.3(21b) 12.3(22a) 12.3(23)	12.3(26)
12.3B	Vulnerable; first fixed in 12.4	12.4(18a)
12.3BC	12.3(17b)BC8 12.3(21a)BC2 12.3(23)BC	12.3(23)BC1
12.3BW	Vulnerable; first fixed in 12.4	12.4(18a)
12.3EU	Not Vulnerable
12.3JA	Not Vulnerable
12.3JEA	Not Vulnerable
12.3JEB	Not Vulnerable
12.3JEC	Not Vulnerable
12.3JK	Releases prior to 12.3(8)JK1 are vulnerable, release 12.3(8)JK1 and later are not vulnerable;	12.3(8)JK1
12.3JL	Not Vulnerable
12.3JX	Not Vulnerable
12.3T	Vulnerable; first fixed in 12.4	12.4(18a)
12.3TPC	12.3(4)TPC11b
12.3VA	Vulnerable; contact TAC
12.3XA	12.3(2)XA6	12.3(2)XA7; Available on 31-MAR-08
12.3XB	Vulnerable; first fixed in 12.4	12.4(18a)
12.3XC	12.3(2)XC5	12.4(15)T4 12.4(18a)
12.3XD	Vulnerable; first fixed in 12.4	12.4(18a)
12.3XE	12.3(2)XE5	12.4(15)T4 12.4(18a)
12.3XF	Vulnerable; first fixed in 12.4	12.4(18a)
12.3XG	Vulnerable; first fixed in 12.3YG	12.4(15)T4 12.4(18a)
12.3XH	Vulnerable; first fixed in 12.4	12.4(18a)
12.3XI	12.3(7)XI10a
12.3XJ	Vulnerable; first fixed in 12.3YX	12.3(14)YX11 12.4(15)T4
12.3XK	Vulnerable; first fixed in 12.4	12.4(18a)
12.3XQ	Vulnerable; first fixed in 12.4	12.4(18a)
12.3XR	12.3(7)XR7	12.3(7)XR8; Available on 31-MAR-08
12.3XS	Vulnerable; first fixed in 12.4	12.4(18a)
12.3XU	Vulnerable; first fixed in 12.4T	12.4(15)T4
12.3XW	Vulnerable; first fixed in 12.3YX	12.3(14)YX11 12.4(15)T4
12.3XY	Vulnerable; first fixed in 12.4	12.4(18a)
12.3YA	Vulnerable; first fixed in 12.4	12.4(15)T4 12.4(18a)
12.3YD	Vulnerable; first fixed in 12.4T	12.4(15)T4
12.3YF	Vulnerable; first fixed in 12.3YX	12.3(14)YX11 12.4(15)T4
12.3YG	12.3(8)YG6	12.4(15)T4
12.3YH	Vulnerable; first fixed in 12.4T	12.4(15)T4
12.3YI	Vulnerable; first fixed in 12.4T	12.4(15)T4
12.3YJ	Vulnerable; first fixed in 12.4T	12.4(15)T4
12.3YK	12.3(11)YK3	12.4(15)T4
12.3YM	12.3(14)YM10	12.3(14)YM12
12.3YQ	Vulnerable; first fixed in 12.4T	12.4(15)T4
12.3YS	12.3(11)YS2	12.4(15)T4
12.3YT	Vulnerable; first fixed in 12.4T	12.4(15)T4
12.3YU	Vulnerable; first fixed in 12.4XB
12.3YX	12.3(14)YX9	12.3(14)YX11
12.3YZ	12.3(11)YZ2
Affected 12.4-Based Releases	First Fixed Release	Recommended Release
12.4	12.4(10c) 12.4(12b) 12.4(13c) 12.4(16) 12.4(3h) 12.4(5c) 12.4(7f) 12.4(8d)	12.4(18a)
12.4JA	Not Vulnerable
12.4JK	Not Vulnerable
12.4JMA	Not Vulnerable
12.4JMB	Not Vulnerable
12.4JMC	Not Vulnerable
12.4JX	Not Vulnerable
12.4MD	12.4(11)MD1	12.4(15)MD; Available on 09-MAY-08
12.4MR	12.4(12)MR2	12.4(16)MR2
12.4SW	12.4(11)SW3	12.4(15)SW
12.4T	12.4(11)T3 12.4(15)T 12.4(2)T6 12.4(4)T8 12.4(6)T8 12.4(9)T4	12.4(15)T4
12.4XA	Vulnerable; first fixed in 12.4T	12.4(15)T4
12.4XB	12.4(2)XB6
12.4XC	12.4(4)XC7
12.4XD	12.4(4)XD8	12.4(4)XD10
12.4XE	12.4(6)XE2	12.4(15)T4
12.4XF	Vulnerable; first fixed in 12.4T	12.4(15)T4
12.4XG	12.4(9)XG2	12.4(9)XG2
12.4XJ	12.4(11)XJ4	12.4(15)T4
12.4XK	Vulnerable; first fixed in 12.4T	12.4(15)T4
12.4XL	Not Vulnerable
12.4XM	Not Vulnerable
12.4XN	Not Vulnerable
12.4XT	12.4(6)XT1	12.4(6)XT2
12.4XV	Not Vulnerable
12.4XW	Not Vulnerable
12.4XY	Not Vulnerable

Exploitation and Public Announcements

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory.

This vulnerability was reported to Cisco by Thomas Morin.

Cisco Security Vulnerability Policy

To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.

Subscribe to Cisco Security Notifications

Action Links for This Advisory

Identifying and Mitigating Exploitation of the Cisco IOS Multicast Virtual Private Network Data Leak

Related to This Advisory

Cisco IOS Multicast Virtual Private Networking Information Disclosure Vulnerability

URL

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20080326-mvpn

Revision History

Revision 1.3	2008-June-27	Updated Summary to remove link and verbiage.
Revision 1.2	2008-April-22	Updated URL of CVSSCSCsi01470.
Revision 1.1	2008-March-29	Updated Software Table for 12.0S, 12.0SY, 12.0SX and 12.0SZ due to new information on advisory ID cisco-sa-20080326-IPv4IPv6, the March 26th advisory on IPv4IPv6 Dual Stack Routers.
Revision 1.0	2008-March-26	Initial public release.

Show Less

Legal Disclaimer

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.

A stand-alone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy, and may lack important information or contain factual errors. The information in this document is intended for end-users of Cisco products.

Feedback

Leave additional feedback

Cisco Security Vulnerability Policy

To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.

Subscribe to Cisco Security Notifications

Action Links for This Advisory

Identifying and Mitigating Exploitation of the Cisco IOS Multicast Virtual Private Network Data Leak

Related to This Advisory

Cisco IOS Multicast Virtual Private Networking Information Disclosure Vulnerability

Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak

Available Languages

Bias-Free Language

Cisco Security Advisory

Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak

Summary

Affected Products

Vulnerable Products

Products Confirmed Not Vulnerable

Details

Workarounds

Filtering Packets to UDP Port 3232

Filtering BGP Peer IP Addresses on the VRF Interface

Fixed Software

Exploitation and Public Announcements

Cisco Security Vulnerability Policy

Subscribe to Cisco Security Notifications

Action Links for This Advisory

Related to This Advisory

URL

Revision History

Legal Disclaimer

Feedback

Cisco Security Vulnerability Policy

Subscribe to Cisco Security Notifications

Action Links for This Advisory

Related to This Advisory