ID |
CVE-2021-1231
|
Sažetak |
A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allow the attacker to disable switching on the SFP interface, which could disrupt network traffic. |
Reference |
|
CVSS |
Base: | 2.9 |
Impact: | 2.9 |
Exploitability: | 5.5 |
|
Pristup |
Vektor | Složenost | Autentikacija |
ADJACENT_NETWORK |
MEDIUM |
NONE |
|
Impact |
Povjerljivost | Cjelovitost | Dostupnost |
NONE |
NONE |
PARTIAL |
|
CVSS vektor |
AV:A/AC:M/Au:N/C:N/I:N/A:P |
Zadnje važnije ažuriranje |
07-11-2023 - 03:27 |
Objavljeno |
24-02-2021 - 20:15 |