PT-2020-2895 · Cisco · Cisco Catalyst CDB-8P Switches
Published 2020-06-03 · Updated 2020-06-08
CVE-2020-3231
CVSS v3.1: 4.7 (Medium)
Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Cisco Catalyst 2960-L Series Switches (affected versions not specified)
Cisco Catalyst CDB-8P Switches (affected versions not specified)
Description
A vulnerability exists in the 802.1X feature because broadcast traffic received on an 802.1X-enabled port is mishandled. An unauthenticated, adjacent attacker could exploit this vulnerability by sending broadcast traffic on the port before being authenticated, potentially allowing them to send and receive broadcast traffic on the 802.1X-enabled port before authentication.
Recommendations
For Cisco Catalyst 2960-L Series Switches, update to a version that includes the fix for this issue.
For Cisco Catalyst CDB-8P Switches, update to a version that includes the fix for this issue.
As a temporary workaround, consider restricting access to the 802.1X-enabled port until a patch is available.
Fix
Incorrect Authorization
Improper Access Control
Related Identifiers
Affected Products
Cisco Catalyst 2960-L Series Switches
Cisco Catalyst CDB-8P Switches
Cisco IOS