Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-34703

A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improper initialization of a buffer. An attacker could exploit this vulnerability via any of the following methods: An authenticated, remote attacker could access the LLDP neighbor table via either the CLI or SNMP while the device is in a specific state. An unauthenticated, adjacent attacker could corrupt the LLDP neighbor table by injecting specific LLDP frames into the network and then waiting for an administrator of the device or a network management system (NMS) managing the device to retrieve the LLDP neighbor table of the device via either the CLI or SNMP. An authenticated, adjacent attacker with SNMP read-only credentials or low privileges on the device CLI could corrupt the LLDP neighbor table by injecting specific LLDP frames into the network and then accessing the LLDP neighbor table via either the CLI or SNMP. A successful exploit could allow the attacker to cause the affected device to crash, resulting in a reload of the device.

Published

2021-09-23T03:15:16.970

Last Modified

2024-11-21T06:10:59.470

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

8.0

Impact Score

6.9

Weaknesses

Type: Secondary
CWE-456
Type: Primary
CWE-665

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	ios	≤ 16.12.3	Yes
Operating System	cisco	ios_xe	≤ 16.12.3	Yes
Hardware	cisco	1000_integrated_services_router	-	No
Hardware	cisco	1100-4g\/6g_integrated_services_router	-	No
Hardware	cisco	1100-4p_integrated_services_router	-	No
Hardware	cisco	1100-8p_integrated_services_router	-	No
Hardware	cisco	1100_integrated_services_router	-	No
Hardware	cisco	1101-4p_integrated_services_router	-	No
Hardware	cisco	1101_integrated_services_router	-	No
Hardware	cisco	1109-2p_integrated_services_router	-	No
Hardware	cisco	1109-4p_integrated_services_router	-	No
Hardware	cisco	1109_integrated_services_router	-	No
Hardware	cisco	1111x-8p_integrated_services_router	-	No
Hardware	cisco	1111x_integrated_services_router	-	No
Hardware	cisco	111x_integrated_services_router	-	No
Hardware	cisco	1120_integrated_services_router	-	No
Hardware	cisco	1160_integrated_services_router	-	No
Hardware	cisco	4000_integrated_services_router	-	No
Hardware	cisco	4221_integrated_services_router	-	No
Hardware	cisco	4321_integrated_services_router	-	No
Hardware	cisco	4331_integrated_services_router	-	No
Hardware	cisco	4351_integrated_services_router	-	No
Hardware	cisco	4431_integrated_services_router	-	No
Hardware	cisco	4451-x_integrated_services_router	-	No
Hardware	cisco	4451_integrated_services_router	-	No
Hardware	cisco	4461_integrated_services_router	-	No
Hardware	cisco	catalyst_3650-12x48fd-e	-	No
Hardware	cisco	catalyst_3650-12x48fd-l	-	No
Hardware	cisco	catalyst_3650-12x48fd-s	-	No
Hardware	cisco	catalyst_3650-12x48uq	-	No
Hardware	cisco	catalyst_3650-12x48uq-e	-	No
Hardware	cisco	catalyst_3650-12x48uq-l	-	No
Hardware	cisco	catalyst_3650-12x48uq-s	-	No
Hardware	cisco	catalyst_3650-12x48ur	-	No
Hardware	cisco	catalyst_3650-12x48ur-e	-	No
Hardware	cisco	catalyst_3650-12x48ur-l	-	No
Hardware	cisco	catalyst_3650-12x48ur-s	-	No
Hardware	cisco	catalyst_3650-12x48uz	-	No
Hardware	cisco	catalyst_3650-12x48uz-e	-	No
Hardware	cisco	catalyst_3650-12x48uz-l	-	No
Hardware	cisco	catalyst_3650-12x48uz-s	-	No
Hardware	cisco	catalyst_3650-24pd	-	No
Hardware	cisco	catalyst_3650-24pd-e	-	No
Hardware	cisco	catalyst_3650-24pd-l	-	No
Hardware	cisco	catalyst_3650-24pd-s	-	No
Hardware	cisco	catalyst_3650-24pdm	-	No
Hardware	cisco	catalyst_3650-24pdm-e	-	No
Hardware	cisco	catalyst_3650-24pdm-l	-	No
Hardware	cisco	catalyst_3650-24pdm-s	-	No
Hardware	cisco	catalyst_3650-24ps-e	-	No
Hardware	cisco	catalyst_3650-24ps-l	-	No
Hardware	cisco	catalyst_3650-24ps-s	-	No
Hardware	cisco	catalyst_3650-24td-e	-	No
Hardware	cisco	catalyst_3650-24td-l	-	No
Hardware	cisco	catalyst_3650-24td-s	-	No
Hardware	cisco	catalyst_3650-24ts-e	-	No
Hardware	cisco	catalyst_3650-24ts-l	-	No
Hardware	cisco	catalyst_3650-24ts-s	-	No
Hardware	cisco	catalyst_3650-48fd-e	-	No
Hardware	cisco	catalyst_3650-48fd-l	-	No
Hardware	cisco	catalyst_3650-48fd-s	-	No
Hardware	cisco	catalyst_3650-48fq	-	No
Hardware	cisco	catalyst_3650-48fq-e	-	No
Hardware	cisco	catalyst_3650-48fq-l	-	No
Hardware	cisco	catalyst_3650-48fq-s	-	No
Hardware	cisco	catalyst_3650-48fqm	-	No
Hardware	cisco	catalyst_3650-48fqm-e	-	No
Hardware	cisco	catalyst_3650-48fqm-l	-	No
Hardware	cisco	catalyst_3650-48fqm-s	-	No
Hardware	cisco	catalyst_3650-48fs-e	-	No
Hardware	cisco	catalyst_3650-48fs-l	-	No
Hardware	cisco	catalyst_3650-48fs-s	-	No
Hardware	cisco	catalyst_3650-48pd-e	-	No
Hardware	cisco	catalyst_3650-48pd-l	-	No
Hardware	cisco	catalyst_3650-48pd-s	-	No
Hardware	cisco	catalyst_3650-48pq-e	-	No
Hardware	cisco	catalyst_3650-48pq-l	-	No
Hardware	cisco	catalyst_3650-48pq-s	-	No
Hardware	cisco	catalyst_3650-48ps-e	-	No
Hardware	cisco	catalyst_3650-48ps-l	-	No
Hardware	cisco	catalyst_3650-48ps-s	-	No
Hardware	cisco	catalyst_3650-48td-e	-	No
Hardware	cisco	catalyst_3650-48td-l	-	No
Hardware	cisco	catalyst_3650-48td-s	-	No
Hardware	cisco	catalyst_3650-48tq-e	-	No
Hardware	cisco	catalyst_3650-48tq-l	-	No
Hardware	cisco	catalyst_3650-48tq-s	-	No
Hardware	cisco	catalyst_3650-48ts-e	-	No
Hardware	cisco	catalyst_3650-48ts-l	-	No
Hardware	cisco	catalyst_3650-48ts-s	-	No
Hardware	cisco	catalyst_3650-8x24pd-e	-	No
Hardware	cisco	catalyst_3650-8x24pd-l	-	No
Hardware	cisco	catalyst_3650-8x24pd-s	-	No
Hardware	cisco	catalyst_3650-8x24uq	-	No
Hardware	cisco	catalyst_3650-8x24uq-e	-	No
Hardware	cisco	catalyst_3650-8x24uq-l	-	No
Hardware	cisco	catalyst_3650-8x24uq-s	-	No
Hardware	cisco	catalyst_3850	-	No
Hardware	cisco	catalyst_3850-12s-e	-	No
Hardware	cisco	catalyst_3850-12s-s	-	No
Hardware	cisco	catalyst_3850-12x48u	-	No
Hardware	cisco	catalyst_3850-12xs-e	-	No
Hardware	cisco	catalyst_3850-12xs-s	-	No
Hardware	cisco	catalyst_3850-16xs-e	-	No
Hardware	cisco	catalyst_3850-16xs-s	-	No
Hardware	cisco	catalyst_3850-24p-e	-	No
Hardware	cisco	catalyst_3850-24p-l	-	No
Hardware	cisco	catalyst_3850-24p-s	-	No
Hardware	cisco	catalyst_3850-24pw-s	-	No
Hardware	cisco	catalyst_3850-24s-e	-	No
Hardware	cisco	catalyst_3850-24s-s	-	No
Hardware	cisco	catalyst_3850-24t-e	-	No
Hardware	cisco	catalyst_3850-24t-l	-	No
Hardware	cisco	catalyst_3850-24t-s	-	No
Hardware	cisco	catalyst_3850-24u	-	No
Hardware	cisco	catalyst_3850-24u-e	-	No
Hardware	cisco	catalyst_3850-24u-l	-	No
Hardware	cisco	catalyst_3850-24u-s	-	No
Hardware	cisco	catalyst_3850-24xs	-	No
Hardware	cisco	catalyst_3850-24xs-e	-	No
Hardware	cisco	catalyst_3850-24xs-s	-	No
Hardware	cisco	catalyst_3850-24xu	-	No
Hardware	cisco	catalyst_3850-24xu-e	-	No
Hardware	cisco	catalyst_3850-24xu-l	-	No
Hardware	cisco	catalyst_3850-24xu-s	-	No
Hardware	cisco	catalyst_3850-32xs-e	-	No
Hardware	cisco	catalyst_3850-32xs-s	-	No
Hardware	cisco	catalyst_3850-48f-e	-	No
Hardware	cisco	catalyst_3850-48f-l	-	No
Hardware	cisco	catalyst_3850-48f-s	-	No
Hardware	cisco	catalyst_3850-48p-e	-	No
Hardware	cisco	catalyst_3850-48p-l	-	No
Hardware	cisco	catalyst_3850-48p-s	-	No
Hardware	cisco	catalyst_3850-48pw-s	-	No
Hardware	cisco	catalyst_3850-48t-e	-	No
Hardware	cisco	catalyst_3850-48t-l	-	No
Hardware	cisco	catalyst_3850-48t-s	-	No
Hardware	cisco	catalyst_3850-48u	-	No
Hardware	cisco	catalyst_3850-48u-e	-	No
Hardware	cisco	catalyst_3850-48u-l	-	No
Hardware	cisco	catalyst_3850-48u-s	-	No
Hardware	cisco	catalyst_3850-48xs	-	No
Hardware	cisco	catalyst_3850-48xs-e	-	No
Hardware	cisco	catalyst_3850-48xs-f-e	-	No
Hardware	cisco	catalyst_3850-48xs-f-s	-	No
Hardware	cisco	catalyst_3850-48xs-s	-	No
Hardware	cisco	catalyst_3850-nm-2-40g	-	No
Hardware	cisco	catalyst_3850-nm-8-10g	-	No
Hardware	cisco	catalyst_9200	-	No
Hardware	cisco	catalyst_9300	-	No
Hardware	cisco	catalyst_9300-24p-a	-	No
Hardware	cisco	catalyst_9300-24p-e	-	No
Hardware	cisco	catalyst_9300-24s-a	-	No
Hardware	cisco	catalyst_9300-24s-e	-	No
Hardware	cisco	catalyst_9300-24t-a	-	No
Hardware	cisco	catalyst_9300-24t-e	-	No
Hardware	cisco	catalyst_9300-24u-a	-	No
Hardware	cisco	catalyst_9300-24u-e	-	No
Hardware	cisco	catalyst_9300-24ux-a	-	No
Hardware	cisco	catalyst_9300-24ux-e	-	No
Hardware	cisco	catalyst_9300-48p-a	-	No
Hardware	cisco	catalyst_9300-48p-e	-	No
Hardware	cisco	catalyst_9300-48s-a	-	No
Hardware	cisco	catalyst_9300-48s-e	-	No
Hardware	cisco	catalyst_9300-48t-a	-	No
Hardware	cisco	catalyst_9300-48t-e	-	No
Hardware	cisco	catalyst_9300-48u-a	-	No
Hardware	cisco	catalyst_9300-48u-e	-	No
Hardware	cisco	catalyst_9300-48un-a	-	No
Hardware	cisco	catalyst_9300-48un-e	-	No
Hardware	cisco	catalyst_9300-48uxm-a	-	No
Hardware	cisco	catalyst_9300-48uxm-e	-	No
Hardware	cisco	catalyst_9300l	-	No
Hardware	cisco	catalyst_9300l-24p-4g-a	-	No
Hardware	cisco	catalyst_9300l-24p-4g-e	-	No
Hardware	cisco	catalyst_9300l-24p-4x-a	-	No
Hardware	cisco	catalyst_9300l-24p-4x-e	-	No
Hardware	cisco	catalyst_9300l-24t-4g-a	-	No
Hardware	cisco	catalyst_9300l-24t-4g-e	-	No
Hardware	cisco	catalyst_9300l-24t-4x-a	-	No
Hardware	cisco	catalyst_9300l-24t-4x-e	-	No
Hardware	cisco	catalyst_9300l-48p-4g-a	-	No
Hardware	cisco	catalyst_9300l-48p-4g-e	-	No
Hardware	cisco	catalyst_9300l-48p-4x-a	-	No
Hardware	cisco	catalyst_9300l-48p-4x-e	-	No
Hardware	cisco	catalyst_9300l-48t-4g-a	-	No
Hardware	cisco	catalyst_9300l-48t-4g-e	-	No
Hardware	cisco	catalyst_9300l-48t-4x-a	-	No
Hardware	cisco	catalyst_9300l-48t-4x-e	-	No
Hardware	cisco	catalyst_9300l_stack	-	No
Hardware	cisco	catalyst_9400	-	No
Hardware	cisco	catalyst_9407r	-	No
Hardware	cisco	catalyst_9410r	-	No
Hardware	cisco	catalyst_9500	-	No
Hardware	cisco	catalyst_9600	-	No
Hardware	cisco	catalyst_9800	-	No
Hardware	cisco	catalyst_9800-40	-	No
Hardware	cisco	catalyst_9800-80	-	No
Hardware	cisco	catalyst_9800-cl	-	No
Hardware	cisco	catalyst_9800-l	-	No
Hardware	cisco	catalyst_9800-l-c	-	No
Hardware	cisco	catalyst_9800-l-f	-	No
Hardware	cisco	csr_1000v	-	No

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lldp-dos-sBnuHSjT Vendor Advisory ([email protected])
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lldp-dos-sBnuHSjT Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)