PT-2020-1657 · Cisco · Cisco Nx-Os+3
Published: 2020-02-05 · Updated: 2023-04-20
CVE-2020-3120
CVSS v3.1: 7.4 (High)
Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Cisco FXOS Software (affected versions not specified)
Cisco IOS XR Software (affected versions not specified)
Cisco NX-OS Software (affected versions not specified)
Description
A vulnerability in the Cisco Discovery Protocol implementation could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol, and to exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
Recommendations
For Cisco FXOS Software, update to a version that includes the fix for this vulnerability.
For Cisco IOS XR Software, update to a version that includes the fix for this vulnerability.
For Cisco NX-OS Software, update to a version that includes the fix for this vulnerability.
As a temporary workaround, consider restricting access to the Cisco Discovery Protocol to minimize the risk of exploitation.
Fix
DoS
Integer Overflow
RCE
Related Identifiers
Affected Products
Cisco Fxos
Cisco Ios Xr
Cisco Nx-Os
Cisco Nexus