CVE-2021-1231 MEDIUM

CVE-2021-1231: Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port Denial of Service Vulnerability

Vendor Cisco
Product Cisco NX-OS System Software in ACI Mode
Weakness CWE-284
Published February 24, 2021
Last update November 8, 2024

CVSS base score

4.7/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

What the vulnerability does

01Description

A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allow the attacker to disable switching on the SFP interface, which could disrupt network traffic.

Key dates

02Disclosure timeline

February 24, 2021 CVE published
November 8, 2024 Record updated