Cisco NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability
Summary
A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the LLDP process to restart, which could cause an affected device to reload unexpectedly. This vulnerability is due to improper handling of specific fields in an LLDP frame. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface of an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Note: LLDP is a Layer 2 link…
- Scope: This vulnerability affects the following Cisco products if they are running a vulnerable software release and have the LLDP feature enabled globally and on at least one interface:
- Release 4.3 (first fixed: 4.3(6e) / 4.3(6.260003))
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
- 4.3(6e) / 4.3(6.260003)
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Mitigation checklist
- Upgrade to the first fixed release for your train per the Fixed Releases table in this advisory.
- Release 4.3: upgrade to 4.3(6e) / 4.3(6.260003).
- There are no workarounds that address this vulnerability.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.