SB2021022424 - Denial of service in Cisco Nexus 9000 Series Fabric Switches
Published: February 24, 2021
Security Bulletin ID
SB2021022424
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Adjecent network
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper access control (CVE-ID: CVE-2021-1231)
The vulnerability allows a remote attacker to gain unauthorized access to perform a denial of service (DoS) attack.
The vulnerability exists due to improper access restrictions in the Link Layer Discovery Protocol (LLDP) implementation for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode. A remote attacker on the local network can send a crafted LLDP packet on an SFP interface of the affected device and disable switching on the SFP interface, which could disrupt network traffic.
Remediation
Install update from vendor's website.