Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Network Infrastructure Policy Security Technical Implementation Guide
NET2001
Multi-Protocol Labeled Switching (MPLS) labels must not be exchanged between the enclaves edge routers and any external neighbor routers.
Multi-Protocol Labeled Switching (MPLS) labels must not be exchanged between the enclaves edge routers and any external neighbor routers.
An XCCDF Rule
Details
Profiles
Prose
Multi-Protocol Labeled Switching (MPLS) labels must not be exchanged between the enclaves edge routers and any external neighbor routers.
Medium Severity
<VulnDiscussion>MPLS label exchange via Label Distribution Protocol (LDP) or Resource Reservation Protocol (RSVP) with any external neighbor creates the risk of label spoofing that could disrupt optimum routing, or even drop packets that are encapsulated with a label that is not in the MPLS forwarding table.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>