Vulnerability Notice VN-2021-458-L2VPM Gateway Backhaul Mode

Extreme Networks has reviewed and evaluated the potential exposure of proxy service to the internet on L2VPN Gateway deployed in backhaul mode.

When deploying L2 VPN, if the VPN Gateway, either VGVA or XR600P set as L2 VPN Gateway, is directly connected to the Internet, several ports can be vulnerable for use in reflection attacks, such as Distributed Denial of Service (DDoS).

All products that support L2 VPN Gateway in Backhaul mode are potentially affected. This current product set is the XR600P and the VGVA.

In L2 VPN environment, using either VG-VA or XR600P as an L2 VPN gateway, please ensure that it is deployed behind a firewall.

You can read the entire Vulnerability Notice here: https://extremeportal.force.com/ExtrArticleDetail?an=000095097

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Extreme Networks

Vulnerability Notice VN-2021-458-L2VPM Gateway Backhaul Mode

SA-2023-047 - Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues (Leaking fr

SA-2023-107 - libcurl cookie injection with none file (CVE-2023-38546)

SA-2023-106 - SOCKS5 heap buffer overflow (CVE-2023-38545)