CVE-2018-0395

A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when the device unexpectedly reloads. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface on the targeted device. A successful exploit could allow the attacker to cause the switch to reload unexpectedly.

Severity	HIGH
CVSS	8.8
CWE	CWE-20
KEV
Published	7 years ago
Modified	1 year ago

Related Products

Product	Advisory	Evidence
Firepower Extensible Operating System	cisco-sa-20181017-fxnx-os-dos	Cisco OpenVuln
Cisco Unified Computing System (Managed)	cisco-sa-20181017-fxnx-os-dos	Cisco OpenVuln
Cisco NX-OS System Software in ACI Mode	cisco-sa-20181017-fxnx-os-dos	Cisco OpenVuln
Cisco NX-OS Software	cisco-sa-20181017-fxnx-os-dos	Cisco OpenVuln
Cisco Firepower Extensible Operating System (FXOS)	cisco-sa-20181017-fxnx-os-dos	Cisco OpenVuln
Cisco Firepower Extensible Operating System	cisco-sa-20181017-fxnx-os-dos	Cisco OpenVuln