CVE-2021-34780

Published at:
2021-10-06T20:15:17.950
Source: [email protected]

Global infos:

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database corruption on the affected device For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Cisco has released firmware updates that address these vulnerabilities.

CVE Status: Modified

References:

  • [email protected]
  • af854a3a-2127-422b-91ae-364da2661108
    •

    Metrics:

    AttributeValue
    Attack ComplexityLOW
    Attack VectorADJACENT_NETWORK
    Availability ImpactNONE
    Base Score4.3
    Base SeverityMEDIUM
    Confidentiality ImpactNONE
    Integrity ImpactLOW
    Privileges RequiredNONE
    ScopeUNCHANGED
    User InteractionNONE
    Vector StringCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
    Exploitability Score2.8
    Impact Score1.4
    Source[email protected]
    TypeSecondary

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords