A vulnerability in the Cisco implementation of Multicast Virtual Private Network (MVPN) is subject to exploitation that can allow a malicious user to create extra multicast states on the core routers or receive multicast traffic from other Multiprotocol Label Switching (MPLS) based Virtual Private Networks (VPN) by sending specially crafted messages. The risk is LOW. Successful exploitation of the vulnerability can result in the creation of extra multicast states on the core routers or the leaking of multicast traffic from one MPLS VPN to another.
More...