How severe is CVE-2021-1231?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2021-1231?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2021-1231

MEDIUM Year: 2021

CVSS v3 Score

4.7

Medium

CVSS v2 Score

2.9

Low

Weakness Type

CWE-284

View all →

Vulnerability Description

A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable (SFP) interface. This vulnerability is due to incomplete validation of the source of a received LLDP packet. An attacker could exploit this vulnerability by sending a crafted LLDP packet on an SFP interface to an affected device. A successful exploit could allow the attacker to disable switching on the SFP interface, which could disrupt network traffic.

CVE-2015-2687

MEDIUM

CVSS:4.7(Medium)

OpenStack Compute (nova) Icehouse, Juno and Havana when live migration fails allows local users to access VM volumes that they would normally not have permissions for.

CWE-2842015

CVE-2016-4963

MEDIUM

CVSS:4.7(Medium)

The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the ...

CWE-2842016

CVE-2016-6723

MEDIUM

CVSS:4.7(Medium)

A denial of service vulnerability in Proxy Auto Config in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a remote attac...

CWE-2842016

CVE-2018-0119

MEDIUM

CVSS:4.7(Medium)

A vulnerability in certain authentication controls in the account services of Cisco Spark could allow an authenticated, remote attacker to interact with and view information on an affected device that...

CWE-2842018

CVE-2020-3231

MEDIUM

CVSS:4.7(Medium)

A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before ...

CWE-2842020

CVE-2020-3418

MEDIUM

CVSS:4.7(Medium)

A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9800 Series Routers could allow an unauthenticated, adjacent attacker to send ICMPv6 traffic prior to the client being p...

CWE-2842020

CVE-2021-1231

Vulnerability Description

Related Vulnerabilities

CVE-2015-2687

CVE-2016-4963

CVE-2016-6723

CVE-2018-0119

CVE-2020-3231

CVE-2020-3418