Lucene search

K
ciscoCiscoCISCO-SA-SB220-LLDP-MULTIVULS-MVRUTQ8T
HistoryOct 06, 2021 - 4:00 p.m.

Cisco Small Business 220 Series Smart Switches Link Layer Discovery Protocol Vulnerabilities

2021-10-0616:00:00
tools.cisco.com
55

0.001 Low

EPSS

Percentile

29.4%

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following:

Execute code on the affected device or cause it to reload unexpectedly
Cause LLDP database corruption on the affected device

For more information about these vulnerabilities, see the Details [“#details”] section of this advisory.

Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Cisco has released firmware updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb220-lldp-multivuls-mVRUtQ8T [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb220-lldp-multivuls-mVRUtQ8T”]

Affected configurations

Vulners
Node
cisco200_series_smart_switchesMatchany
OR
ciscosmall_business_220_series_smart_plus_switchesMatchany
OR
ciscosmall_business_220_series_smart_plus_switchesMatchany
OR
ciscosmall_business_srp521wMatch200 Series Smart Switches
OR
ciscosmall_business_srp521wMatch220 Series Smart Plus Switches
OR
ciscosmall_business_220_series_smart_plus_switchesMatchany

0.001 Low

EPSS

Percentile

29.4%

Related for CISCO-SA-SB220-LLDP-MULTIVULS-MVRUTQ8T