MEDIUM · 6.6

CVE-2024-20294

Vulnerability Description

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.

This vulnerability is due to improper handling of specific fields in an LLDP frame. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface of an affected device and having an authenticated user retrieve LLDP statistics from the affected device through CLI show commands or Simple Network Management Protocol (SNMP) requests. A successful exploit could allow the attacker to cause the LLDP service to crash and stop running on the affected device. In certain situations, the LLDP crash may result in a reload of the affected device.

Note: LLDP is a Layer 2 link protocol. To exploit this vulnerability, an attacker would need to be directly connected to an interface of an affected device, either physically or logically (for example, through a Layer 2 Tunnel configured to transport the LLDP protocol).

CVSS Score

6.6 MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H

Attack Vector: ADJACENT_NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality: NONE
Integrity: NONE
Availability: HIGH

Affected Products

Vendor | Product | Versions
Cisco | Firepower Extensible Operating System | 2.2.1.63
Cisco | Firepower 4110 | -
Cisco | Firepower 4112 | -
Cisco | Firepower 4115 | -
Cisco | Firepower 4120 | -
Cisco | Firepower 4125 | -
Cisco | Firepower 4140 | -
Cisco | Firepower 4145 | -
Cisco | Firepower 4150 | -
Cisco | Firepower 9300 Sm-24 | -
Cisco | Firepower 9300 Sm-36 | -
Cisco | Firepower 9300 Sm-40 | -
Cisco | Firepower 9300 Sm-44 | -
Cisco | Firepower 9300 Sm-48 | -
Cisco | Firepower 9300 Sm-56 | -
Cisco | Nx-Os | 12.0(1m)
Cisco | Nexus 93108Tc-Ex | -
Cisco | Nexus 93108Tc-Ex-24 | -
Cisco | Nexus 93108Tc-Fx | -
Cisco | Nexus 93108Tc-Fx-24 | -

Related Weaknesses (CWE)

References

FAQ

What is CVE-2024-20294?

CVE-2024-20294 is a vulnerability with a CVSS score of 6.6 (MEDIUM). A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS)...

How severe is CVE-2024-20294?

CVE-2024-20294 has been rated MEDIUM with a CVSS base score of 6.6/10. Review the CVSS metrics above for a detailed severity breakdown.

Is there a patch for CVE-2024-20294?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Firepower Extensible Operating System, Cisco Firepower 4110, Cisco Firepower 4112, Cisco Firepower 4115, Cisco Firepower 4120.