Cisco Security Advisory - Cisco Small Business 220 Series Smart Switches Link Layer Discovery Protocol Vulnerabilities

Started by Netwörkheäd, March 25, 2022, 06:13:19 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Netwörkheäd

March 25, 2022, 06:13:19 PM
Cisco Small Business 220 Series Smart Switches Link Layer Discovery Protocol Vulnerabilities

<p>Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco&nbsp;Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following:</p>
<ul>
<li>Execute code on the affected device or cause it to reload unexpectedly</li>
<li>Cause LLDP database corruption on the affected device</li>
</ul>
<p>For more information about these vulnerabilities, see the <a href="#details">Details</a> section of this advisory.</p>
<p><strong>Note:</strong>&nbsp;LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).</p>
<p>Cisco&nbsp;has released firmware updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.</p>
<p>This advisory is available at the following link:<br><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb220-lldp-multivuls-mVRUtQ8T">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb220-lldp-multivuls-mVRUtQ8T</a></p>
     
         
Security Impact Rating:  High
   
   
       
CVE: CVE-2021-34775,CVE-2021-34776,CVE-2021-34777,CVE-2021-34778,CVE-2021-34779,CVE-2021-34780
Source: Cisco Small Business 220 Series Smart Switches Link Layer Discovery Protocol Vulnerabilities
Let's not argue. Let's network!
Print
Go Up Pages1
User actions