CVE-2015-4197

Name of the Vulnerable Software and Affected Versions Cisco NX-OS version 5.2(5)

Description The issue is caused by insufficient input validation in the Link Layer Discovery Protocol (LLDP) code, allowing an attacker to send a malformed LLDP packet on the local network and cause a denial of service (device crash). To exploit this, an attacker must be on the same broadcast or collision domain as the targeted device.

Recommendations For Cisco NX-OS version 5.2(5), update to a newer version that includes the fix for this issue. As a temporary workaround, consider disabling LLDP packet processing on interfaces where it is not necessary until a patch is available. Restrict access to the device to minimize the risk of exploitation.