#VU50935 Improper access control in Nexus 9000 Series Fabric Switches
Vulnerability identifier: #VU50935
Vulnerability risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-284
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
Nexus 9000 Series Fabric Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to gain unauthorized access to perform a denial of service (DoS) attack.
The vulnerability exists due to improper access restrictions in the Link Layer Discovery Protocol (LLDP) implementation for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode. A remote attacker on the local network can send a crafted LLDP packet on an SFP interface of the affected device and disable switching on the SFP interface, which could disrupt network traffic.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Nexus 9000 Series Fabric Switches: 14.2.4i
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-lldap-dos-WerV9CFj
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCvu84570
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
