A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before being authenticated on the port. The vulnerability exists because broadcast traffic that is received on the 802.1X-enabled port is mishandled. An attacker could exploit this vulnerability by sending broadcast traffic on the port before being authenticated. A successful exploit could allow the attacker to send and receive broadcast traffic on the 802.1X-enabled port before authentication.
2020-06-03T18:15:21.090
2024-11-21T05:30:37.060
Modified
CVSSv3.1: 4.7 (MEDIUM)
AV:A/AC:M/Au:N/C:P/I:N/A:N
5.5
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | cisco | ios | 15.2\(5\)e2 | Yes |
| Operating System | cisco | ios | 15.2\(5\)ex | Yes |
| Operating System | cisco | ios | 15.2\(5a\)e | Yes |
| Operating System | cisco | ios | 15.2\(5b\)e | Yes |
| Operating System | cisco | ios | 15.2\(5c\)e | Yes |
| Operating System | cisco | ios | 15.2\(6\)e | Yes |
| Operating System | cisco | ios | 15.2\(6\)e0c | Yes |
| Operating System | cisco | ios | 15.2\(6\)e1 | Yes |
| Operating System | cisco | ios | 15.2\(6\)e1a | Yes |
| Operating System | cisco | ios | 15.2\(6\)e1s | Yes |
| Operating System | cisco | ios | 15.2\(6\)e2 | Yes |
| Operating System | cisco | ios | 15.2\(6\)e2b | Yes |
| Operating System | cisco | ios | 15.2\(6\)e3 | Yes |
| Operating System | cisco | ios | 15.2\(6\)e4 | Yes |
| Operating System | cisco | ios | 15.2\(7\)e | Yes |
| Operating System | cisco | ios | 15.2\(7\)e0a | Yes |
| Operating System | cisco | ios | 15.2\(7\)e0b | Yes |
| Operating System | cisco | ios | 15.2\(7\)e0s | Yes |
| Operating System | cisco | ios | 15.2\(7a\)e0b | Yes |
| Operating System | cisco | ios | 15.2\(7b\)e0b | Yes |
| Operating System | cisco | ios | 15.3\(3\)jaa1 | Yes |
| Operating System | cisco | ios | 15.3\(3\)jpj | Yes |