The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Cisco NX-OS: denial of service via LLDP

Synthesis of the vulnerability 

An attacker can generate a fatal error via LLDP of Cisco NX-OS, in order to trigger a denial of service.
Vulnerable software: Nexus by Cisco, NX-OS.
Severity of this announce: 2/4.
Creation date: 18/10/2018.
Références of this computer vulnerability: CERTFR-2018-AVI-502, cisco-sa-20181017-fxnx-os-dos, CSCuc98542, CSCvf23367, CSCvj94174, CSCvj96148, CVE-2018-0395, VIGILANCE-VUL-27559.

Description of the vulnerability 

An attacker can generate a fatal error via LLDP of Cisco NX-OS, in order to trigger a denial of service.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This computer weakness announce impacts software or systems such as Nexus by Cisco, NX-OS.

Our Vigil@nce team determined that the severity of this security alert is medium.

The trust level is of type confirmed by the editor, with an origin of LAN.

An attacker with a expert ability can exploit this vulnerability.

Solutions for this threat 

Cisco NX-OS: solution CSCuc98542 CSCvf23367 CSCvj94174 CSCvj96148.
The solution is described on the Cisco site:
  https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuc98542
  https://tools.cisco.com/bugsearch/bug/CSCuc98542
  https://tools.cisco.com/quickview/bug/CSCuc98542
  https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvf23367
  https://tools.cisco.com/bugsearch/bug/CSCvf23367
  https://tools.cisco.com/quickview/bug/CSCvf23367
  https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvj94174
  https://tools.cisco.com/bugsearch/bug/CSCvj94174
  https://tools.cisco.com/quickview/bug/CSCvj94174
  https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvj96148
  https://tools.cisco.com/bugsearch/bug/CSCvj96148
  https://tools.cisco.com/quickview/bug/CSCvj96148
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides an application vulnerability database. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.