CISCO-SA-N3KN9K_ACI_LLDP_DOS-NDGRRRA3
Vulnerability from csaf_cisco - Published: 2026-02-25 16:00 - Updated: 2026-02-25 16:00Summary
Cisco NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability
Notes
Summary
A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the LLDP process to restart, which could cause an affected device to reload unexpectedly.
This vulnerability is due to improper handling of specific fields in an LLDP frame. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface of an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.
Note: LLDP is a Layer 2 link protocol. To exploit this vulnerability, an attacker would need to be directly connected to an interface of an affected device, either physically or logically (for example, through a Layer 2 Tunnel configured to transport the LLDP protocol).
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is part of the February 2026 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: February 2026 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication ["https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75740"].
Vulnerable Products
This vulnerability affects the following Cisco products if they are running a vulnerable software release and have the LLDP feature enabled globally and on at least one interface:
Nexus 3000 Series Switches (CSCwi75282) ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwi75282"]
Nexus 9000 Series Fabric Switches in ACI mode (CSCwq33193) ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwq33193"]
Nexus 9000 Series Switches in standalone NX-OS mode (CSCwi75282) ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwi75282"]
UCS X-Series Direct Fabric Interconnects 9108 100G (CSCwq60777 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwq60777"])
For information about which Cisco software releases are vulnerable, see the Fixed Software ["#fs"] section of this advisory.
Determine the Status of LLDP on Cisco NX-OS Software in Standalone Mode
The LLDP feature is disabled by default on Cisco Nexus Switches that are running Cisco NX-OS Software in standalone mode. To determine if the LLDP feature has been enabled, use the show feature | include lldp command at the device CLI. The following example shows that the LLDP feature is enabled:
switch# show feature | include lldp
lldp 1 enabled
If the LLDP feature has been enabled, LLDP is also enabled on all interfaces by default. The processing of incoming LLDP packets can be selectively disabled on a specific interface by using the no lldp receive interface-level configuration command.
To determine the status of LLDP on a specific interface, use the show lldp interface ethernet module/interface command at the device CLI. If the enable (rx) status is set to Y, the interface accepts incoming LLDP packets, as shown in the following example:
switch# show lldp interface ethernet 1/1
Interface Information:
Enable (tx/rx/dcbx): Y/Y/Y Port Mac address: 00:a6:ca:b6:84:5a
Determine the Status of LLDP on Cisco Nexus 9000 Series Fabric Switches in ACI Mode
The LLDP feature is enabled by default on Cisco Nexus 9000 Series Fabric Switches in ACI mode and cannot be fully disabled. LLDP is enabled by default on all fabric ports and access ports.
The processing of incoming LLDP packets can be selectively disabled on a specific access port by using the no lldp receive interface-level configuration command from the APIC NX-OS style CLI, or by having LLDP disabled in the applied access policy. For more information, see the Access Policies Overview section of the Cisco Application Centric Infrastructure Fundamentals Guide ["https://www.cisco.com/c/en/us/td/docs/dcn/aci/apic/6x/aci-fundamentals/cisco-aci-fundamentals-60x/provisioning-60x.html#concept_0F4DAC4EB5344665BE50B19F6B04FB02"].
To determine the status of LLDP on a specific interface, use the show lldp interface ethernet module/interface command at the device CLI. If the enable (rx) status is set to Y, the interface accepts incoming LLDP packets, as shown in the following example:
switch# show lldp interface ethernet 1/1
Interface Information:
Enable (tx/rx/dcbx): Y/Y/N Port Mac address: 50:87:89:a2:10:39
Determine the Status of LLDP on Cisco UCS X-Series Direct Fabric Interconnects 9108 100G
The LLDP feature is enabled by default on Cisco UCS X-Series Direct Fabric Interconnect 9108 100G and cannot be fully disabled. LLDP is always enabled on the following interfaces:
Ethernet uplink ports (network interfaces that connect to upstream switches for network connectivity)
Ethernet port channel members
Fibre Channel over Ethernet (FCoE) uplink ports
Management interface (mgmt0)
LLDP may also be enabled on server ports (interfaces that are presented to the servers in the Cisco UCS Manager domain) and appliance ports (interfaces that connect to directly attached NFS storage) through a network control policy. For more information, see the Configuring Network Control Policies section of the Cisco UCS Manager Network Management Guide ["https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Network-Mgmt/4-3/b_UCSM_Network_Mgmt_Guide_4_3/b_UCSM_Network_Mgmt_Guide_chapter_01010.html#d20481e10246a1635"].
To determine the status of LLDP on a specific interface, use the connect nxos command at the device CLI, then use the show lldp interface ethernet module/interface command. If the enable (rx) status is set to Y, the interface accepts incoming LLDP packets, as shown in the following example:
FI-A# show lldp interface ethernet 1/1
Interface Information:
Enable (tx/rx/dcbx):Y/Y/Y Port Mac address: 00:c8:8b:84:a2:54
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability.
Cisco has confirmed that this vulnerability does not affect the following Cisco products:
Firepower 1000 Series
Firepower 2100 Series
Firepower 4100 Series
Firepower 9300 Security Appliances
MDS 9000 Series Multilayer Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Secure Firewall 3100 Series
Secure Firewall 4200 Series
UCS 6300 Series Fabric Interconnects
UCS 6400 Series Fabric Interconnects
Workarounds
There are no workarounds that address this vulnerability.
Fixed Software
Cisco considers any workarounds and mitigations (if applicable) to be temporary solutions until an upgrade to a fixed software release is available. To fully remediate this vulnerability and avoid future exposure as described in this advisory, Cisco strongly recommends that customers upgrade to the fixed software indicated in this advisory.
Cisco NX-OS Software
To help customers determine their exposure to vulnerabilities in Cisco NX-OS Software, Cisco provides the Cisco Software Checker ["https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"]. This tool identifies any Cisco security advisories that impact a specific software release and the earliest release that fixes the vulnerabilities that are described in each advisory (“First Fixed”). If applicable, the tool also returns the earliest release that fixes all the vulnerabilities described in all the advisories that the Software Checker identifies (“Combined First Fixed”).
To use the tool, go to the Cisco Software Checker ["https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"] page and follow the instructions. Alternatively, use the following form to search for vulnerabilities that affect a specific software release. To use the form, follow these steps:
Choose which advisories the tool will search—only this advisory, only advisories with a Critical or High Security Impact Rating (SIR) ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#asr"], or all advisories.
Choose the appropriate software.
Choose the appropriate platform.
Enter a release number—for example, 10.4(4) for Cisco Nexus 3000 Series Switches or 16.0(8e) for Cisco NX-OS Software in ACI mode.
Click Check.
Only this advisory All Critical and High advisories All advisories Cisco NX-OS Software Cisco NX-OS Software in ACI Mode Any Platform MDS 9000 Series Multilayer Switches Nexus 3000 Series Switches Nexus 5000 Series Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 9000 Series Switches
Cisco UCS Software
In the following table, the left column lists Cisco software releases. The center column indicates whether a release is affected by the vulnerability described in this advisory and the first vulnerable release. The right column indicates the first release that includes the fix for this vulnerability.
UCS 9108 100G Fabric Interconnects
Cisco UCS Software Release First Fixed Release for UCS Manager Mode First Fixed Release for Intersight Managed Mode 4.3 4.3(6e) 4.3(6.260003) 6.0 Not vulnerable Not vulnerable
The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.
Additional Resources
For help determining the best Cisco NX-OS Software release for a Cisco Nexus Switch, see the following Recommended Releases documents. If a security advisory recommends a later release, Cisco recommends following the advisory guidance.
Cisco MDS Series Switches ["https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/b_MDS_NX-OS_Recommended_Releases.html"]
Cisco Nexus 3000 Series Switches ["http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_3000_Series_Switches.html"]
Cisco Nexus 5500 Platform Switches ["http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/release/recommended_releases/n5500_recommended_nx-os_releases.html"]
Cisco Nexus 5600 Platform Switches ["https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5600/sw/release/recommended_releases/n5600_recommended_nx-os_releases.html"]
Cisco Nexus 6000 Series Switches ["http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus6000/sw/release/recommended_releases/recommended_nx-os_releases.html"]
Cisco Nexus 7000 Series Switches ["http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/recommended_releases/recommended_nx-os_releases.html"]
Cisco Nexus 9000 Series Switches ["http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_9000_Series_Switches.html"]
Cisco Nexus 9000 Series ACI-Mode Switches ["https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/recommended-release/b_Recommended_Cisco_ACI_Releases.html"]
To determine the best release for Cisco UCS Software, see the Recommended Releases documents in the release notes for the device.
Vulnerability Policy
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Exploitation and Public Announcements
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
Source
This vulnerability was found during the resolution of a Cisco Technical Assistance Center (TAC) support case.
Legal Disclaimer
SOFTWARE DOWNLOADS AND TECHNICAL SUPPORT
The Cisco Support and Downloads ["https://www.cisco.com/c/en/us/support/index.html"] page on Cisco.com provides information about licensing and downloads. This page can also display customer device support coverage for customers who use the My Devices tool. Please note that customers may download only software that was procured from Cisco directly or through a Cisco authorized reseller or partner and for which the license is still valid.
Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco Technical Assistance Center (TAC) ["https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"]. Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.
When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories ["https://www.cisco.com/go/psirt"] for the relevant Cisco products to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) ["https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"] or their contracted maintenance providers.
LEGAL DISCLAIMER DETAILS
CISCO DOES NOT MAKE ANY EXPRESS OR IMPLIED GUARANTEES OR WARRANTIES OF ANY KIND, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, CISCO DOES NOT GUARANTEE THE ACCURACY OR COMPLETENESS OF THIS INFORMATION. THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
Copies or summaries of the information contained in this Security Advisory may lack important information or contain factual errors. Customers are advised to visit the Cisco Security Advisories ["https://www.cisco.com/go/psirt"] page for the most recent version of this Security Advisory. The Cisco Product Security Incident Response Team (PSIRT) assesses only the affected and fixed release information that is documented in this advisory. See the Cisco Security Vulnerability Policy ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"] for more information.
{
"document": {
"acknowledgments": [
{
"summary": "This vulnerability was found during the resolution of a Cisco Technical Assistance Center (TAC) support case."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"notes": [
{
"category": "summary",
"text": "A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the LLDP process to restart, which could cause an affected device to reload unexpectedly.\r\n\r\nThis vulnerability is due to improper handling of specific fields in an LLDP frame. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface of an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.\r\n\r\nNote: LLDP is a Layer 2 link protocol. To exploit this vulnerability, an attacker would need to be directly connected to an interface of an affected device, either physically or logically (for example, through a Layer 2 Tunnel configured to transport the LLDP protocol).\r\n\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\r\n\r\n\r\n\r\nThis advisory is part of the February 2026 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: February 2026 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication [\"https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75740\"].",
"title": "Summary"
},
{
"category": "general",
"text": "This vulnerability affects the following Cisco products if they are running a vulnerable software release and have the LLDP feature enabled globally and on at least one interface:\r\n\r\nNexus 3000 Series Switches (CSCwi75282) [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwi75282\"]\r\nNexus 9000 Series Fabric Switches in ACI mode (CSCwq33193) [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwq33193\"]\r\nNexus 9000 Series Switches in standalone NX-OS mode (CSCwi75282) [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwi75282\"]\r\nUCS X-Series Direct Fabric Interconnects 9108 100G (CSCwq60777 [\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwq60777\"])\r\n\r\nFor information about which Cisco software releases are vulnerable, see the Fixed Software [\"#fs\"] section of this advisory.\r\n\r\nDetermine the Status of LLDP on Cisco NX-OS Software in Standalone Mode\r\n\r\nThe LLDP feature is disabled by default on Cisco Nexus Switches that are running Cisco NX-OS Software in standalone mode. To determine if the LLDP feature has been enabled, use the show feature | include lldp command at the device CLI. The following example shows that the LLDP feature is enabled:\r\n\r\n\r\nswitch# show feature | include lldp\r\nlldp 1 enabled\r\n\r\nIf the LLDP feature has been enabled, LLDP is also enabled on all interfaces by default. The processing of incoming LLDP packets can be selectively disabled on a specific interface by using the no lldp receive interface-level configuration command.\r\n\r\nTo determine the status of LLDP on a specific interface, use the show lldp interface ethernet module/interface command at the device CLI. If the enable (rx) status is set to Y, the interface accepts incoming LLDP packets, as shown in the following example:\r\n\r\n\r\nswitch# show lldp interface ethernet 1/1\r\nInterface Information:\r\nEnable (tx/rx/dcbx): Y/Y/Y Port Mac address: 00:a6:ca:b6:84:5a\r\n\r\nDetermine the Status of LLDP on Cisco Nexus 9000 Series Fabric Switches in ACI Mode\r\n\r\nThe LLDP feature is enabled by default on Cisco Nexus 9000 Series Fabric Switches in ACI mode and cannot be fully disabled. LLDP is enabled by default on all fabric ports and access ports.\r\n\r\nThe processing of incoming LLDP packets can be selectively disabled on a specific access port by using the no lldp receive interface-level configuration command from the APIC NX-OS style CLI, or by having LLDP disabled in the applied access policy. For more information, see the Access Policies Overview section of the Cisco Application Centric Infrastructure Fundamentals Guide [\"https://www.cisco.com/c/en/us/td/docs/dcn/aci/apic/6x/aci-fundamentals/cisco-aci-fundamentals-60x/provisioning-60x.html#concept_0F4DAC4EB5344665BE50B19F6B04FB02\"].\r\n\r\nTo determine the status of LLDP on a specific interface, use the show lldp interface ethernet module/interface command at the device CLI. If the enable (rx) status is set to Y, the interface accepts incoming LLDP packets, as shown in the following example:\r\n\r\n\r\nswitch# show lldp interface ethernet 1/1\r\nInterface Information:\r\nEnable (tx/rx/dcbx): Y/Y/N Port Mac address: 50:87:89:a2:10:39\r\n\r\nDetermine the Status of LLDP on Cisco UCS X-Series Direct Fabric Interconnects 9108 100G\r\n\r\nThe LLDP feature is enabled by default on Cisco UCS X-Series Direct Fabric Interconnect 9108 100G and cannot be fully disabled. LLDP is always enabled on the following interfaces:\r\n\r\nEthernet uplink ports (network interfaces that connect to upstream switches for network connectivity)\r\nEthernet port channel members\r\nFibre Channel over Ethernet (FCoE) uplink ports\r\nManagement interface (mgmt0)\r\n\r\nLLDP may also be enabled on server ports (interfaces that are presented to the servers in the Cisco UCS Manager domain) and appliance ports (interfaces that connect to directly attached NFS storage) through a network control policy. For more information, see the Configuring Network Control Policies section of the Cisco UCS Manager Network Management Guide [\"https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Network-Mgmt/4-3/b_UCSM_Network_Mgmt_Guide_4_3/b_UCSM_Network_Mgmt_Guide_chapter_01010.html#d20481e10246a1635\"].\r\n\r\nTo determine the status of LLDP on a specific interface, use the connect nxos command at the device CLI, then use the show lldp interface ethernet module/interface command. If the enable (rx) status is set to Y, the interface accepts incoming LLDP packets, as shown in the following example:\r\n\r\n\r\nFI-A# show lldp interface ethernet 1/1\r\nInterface Information:\r\nEnable (tx/rx/dcbx):Y/Y/Y Port Mac address: 00:c8:8b:84:a2:54",
"title": "Vulnerable Products"
},
{
"category": "general",
"text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.\r\n\r\nCisco has confirmed that this vulnerability does not affect the following Cisco products:\r\n\r\nFirepower 1000 Series\r\nFirepower 2100 Series\r\nFirepower 4100 Series\r\nFirepower 9300 Security Appliances\r\nMDS 9000 Series Multilayer Switches\r\nNexus 5500 Platform Switches\r\nNexus 5600 Platform Switches\r\nNexus 6000 Series Switches\r\nNexus 7000 Series Switches\r\nSecure Firewall 3100 Series\r\nSecure Firewall 4200 Series\r\nUCS 6300 Series Fabric Interconnects\r\nUCS 6400 Series Fabric Interconnects",
"title": "Products Confirmed Not Vulnerable"
},
{
"category": "general",
"text": "There are no workarounds that address this vulnerability.",
"title": "Workarounds"
},
{
"category": "general",
"text": "Cisco considers any workarounds and mitigations (if applicable) to be temporary solutions until an upgrade to a fixed software release is available. To fully remediate this vulnerability and avoid future exposure as described in this advisory, Cisco strongly recommends that customers upgrade to the fixed software indicated in this advisory.\r\n Cisco NX-OS Software\r\nTo help customers determine their exposure to vulnerabilities in Cisco NX-OS Software, Cisco provides the Cisco Software Checker [\"https://sec.cloudapps.cisco.com/security/center/softwarechecker.x\"]. This tool identifies any Cisco security advisories that impact a specific software release and the earliest release that fixes the vulnerabilities that are described in each advisory (\u201cFirst Fixed\u201d). If applicable, the tool also returns the earliest release that fixes all the vulnerabilities described in all the advisories that the Software Checker identifies (\u201cCombined First Fixed\u201d).\r\n\r\nTo use the tool, go to the Cisco Software Checker [\"https://sec.cloudapps.cisco.com/security/center/softwarechecker.x\"] page and follow the instructions. Alternatively, use the following form to search for vulnerabilities that affect a specific software release. To use the form, follow these steps:\r\n\r\nChoose which advisories the tool will search\u2014only this advisory, only advisories with a Critical or High Security Impact Rating (SIR) [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#asr\"], or all advisories.\r\nChoose the appropriate software.\r\nChoose the appropriate platform.\r\nEnter a release number\u2014for example, 10.4(4) for Cisco Nexus 3000 Series Switches or 16.0(8e) for Cisco NX-OS Software in ACI mode.\r\nClick Check.\r\n\r\n Only this advisory All Critical and High advisories All advisories Cisco NX-OS Software Cisco NX-OS Software in ACI Mode Any Platform MDS 9000 Series Multilayer Switches Nexus 3000 Series Switches Nexus 5000 Series Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 9000 Series Switches\r\n\r\n\r\n\r\n\r\n Cisco UCS Software\r\nIn the following table, the left column lists Cisco software releases. The center column indicates whether a release is affected by the vulnerability described in this advisory and the first vulnerable release. The right column indicates the first release that includes the fix for this vulnerability.\r\n\r\nUCS 9108 100G Fabric Interconnects\r\n Cisco UCS Software Release First Fixed Release for UCS Manager Mode First Fixed Release for Intersight Managed Mode 4.3 4.3(6e) 4.3(6.260003) 6.0 Not vulnerable Not vulnerable\r\nThe Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.\r\n Additional Resources\r\nFor help determining the best Cisco NX-OS Software release for a Cisco Nexus Switch, see the following Recommended Releases documents. If a security advisory recommends a later release, Cisco recommends following the advisory guidance.\r\n\r\nCisco MDS Series Switches [\"https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/b_MDS_NX-OS_Recommended_Releases.html\"]\r\nCisco Nexus 3000 Series Switches [\"http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_3000_Series_Switches.html\"]\r\nCisco Nexus 5500 Platform Switches [\"http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/release/recommended_releases/n5500_recommended_nx-os_releases.html\"]\r\nCisco Nexus 5600 Platform Switches [\"https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5600/sw/release/recommended_releases/n5600_recommended_nx-os_releases.html\"]\r\nCisco Nexus 6000 Series Switches [\"http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus6000/sw/release/recommended_releases/recommended_nx-os_releases.html\"]\r\nCisco Nexus 7000 Series Switches [\"http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/recommended_releases/recommended_nx-os_releases.html\"]\r\nCisco Nexus 9000 Series Switches [\"http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_9000_Series_Switches.html\"]\r\nCisco Nexus 9000 Series ACI-Mode Switches [\"https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/recommended-release/b_Recommended_Cisco_ACI_Releases.html\"]\r\n\r\nTo determine the best release for Cisco UCS Software, see the Recommended Releases documents in the release notes for the device.",
"title": "Fixed Software"
},
{
"category": "general",
"text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
"title": "Vulnerability Policy"
},
{
"category": "general",
"text": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
"title": "Exploitation and Public Announcements"
},
{
"category": "general",
"text": "This vulnerability was found during the resolution of a Cisco Technical Assistance Center (TAC) support case.",
"title": "Source"
},
{
"category": "legal_disclaimer",
"text": "SOFTWARE DOWNLOADS AND TECHNICAL SUPPORT\r\n\r\nThe Cisco Support and Downloads [\"https://www.cisco.com/c/en/us/support/index.html\"] page on Cisco.com provides information about licensing and downloads. This page can also display customer device support coverage for customers who use the My Devices tool. Please note that customers may download only software that was procured from Cisco directly or through a Cisco authorized reseller or partner and for which the license is still valid.\r\n\r\nCustomers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco Technical Assistance Center (TAC) [\"https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html\"]. Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.\r\n\r\nWhen considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories [\"https://www.cisco.com/go/psirt\"] for the relevant Cisco products to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) [\"https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html\"] or their contracted maintenance providers.\r\n LEGAL DISCLAIMER DETAILS\r\n\r\nCISCO DOES NOT MAKE ANY EXPRESS OR IMPLIED GUARANTEES OR WARRANTIES OF ANY KIND, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, CISCO DOES NOT GUARANTEE THE ACCURACY OR COMPLETENESS OF THIS INFORMATION. THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nCopies or summaries of the information contained in this Security Advisory may lack important information or contain factual errors. Customers are advised to visit the Cisco Security Advisories [\"https://www.cisco.com/go/psirt\"] page for the most recent version of this Security Advisory. The Cisco Product Security Incident Response Team (PSIRT) assesses only the affected and fixed release information that is documented in this advisory. See the Cisco Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"] for more information.",
"title": "Legal Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@cisco.com",
"issuing_authority": "Cisco PSIRT",
"name": "Cisco",
"namespace": "https://wwww.cisco.com"
},
"references": [
{
"category": "self",
"summary": "Cisco NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3kn9k_aci_lldp_dos-NdgRrrA3"
},
{
"category": "external",
"summary": "Cisco Event Response: February 2026 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication",
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75740"
},
{
"category": "external",
"summary": "Cisco Security Vulnerability Policy",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
},
{
"category": "external",
"summary": "CSCwi75282)",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwi75282"
},
{
"category": "external",
"summary": "CSCwq33193)",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwq33193"
},
{
"category": "external",
"summary": "CSCwq60777",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwq60777"
},
{
"category": "external",
"summary": "Cisco Application Centric Infrastructure Fundamentals Guide",
"url": "https://www.cisco.com/c/en/us/td/docs/dcn/aci/apic/6x/aci-fundamentals/cisco-aci-fundamentals-60x/provisioning-60x.html#concept_0F4DAC4EB5344665BE50B19F6B04FB02"
},
{
"category": "external",
"summary": "Cisco UCS Manager Network Management Guide",
"url": "https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Network-Mgmt/4-3/b_UCSM_Network_Mgmt_Guide_4_3/b_UCSM_Network_Mgmt_Guide_chapter_01010.html#d20481e10246a1635"
},
{
"category": "external",
"summary": "Cisco Software Checker",
"url": "https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"
},
{
"category": "external",
"summary": "Security Impact Rating (SIR)",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#asr"
},
{
"category": "external",
"summary": "Cisco MDS Series Switches",
"url": "https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/b_MDS_NX-OS_Recommended_Releases.html"
},
{
"category": "external",
"summary": "Cisco Nexus 3000 Series Switches",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_3000_Series_Switches.html"
},
{
"category": "external",
"summary": "Cisco Nexus 5500 Platform Switches",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/release/recommended_releases/n5500_recommended_nx-os_releases.html"
},
{
"category": "external",
"summary": "Cisco Nexus 5600 Platform Switches",
"url": "https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5600/sw/release/recommended_releases/n5600_recommended_nx-os_releases.html"
},
{
"category": "external",
"summary": "Cisco Nexus 6000 Series Switches",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus6000/sw/release/recommended_releases/recommended_nx-os_releases.html"
},
{
"category": "external",
"summary": "Cisco Nexus 7000 Series Switches",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/recommended_releases/recommended_nx-os_releases.html"
},
{
"category": "external",
"summary": "Cisco Nexus 9000 Series Switches",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/recommended_release/b_Minimum_and_Recommended_Cisco_NX-OS_Releases_for_Cisco_Nexus_9000_Series_Switches.html"
},
{
"category": "external",
"summary": "Cisco Nexus 9000 Series ACI-Mode Switches",
"url": "https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/recommended-release/b_Recommended_Cisco_ACI_Releases.html"
},
{
"category": "external",
"summary": "Security Vulnerability Policy",
"url": "http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html"
},
{
"category": "external",
"summary": "Cisco Support and Downloads",
"url": "https://www.cisco.com/c/en/us/support/index.html"
},
{
"category": "external",
"summary": "Cisco Technical Assistance Center (TAC)",
"url": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"
},
{
"category": "external",
"summary": "considering software upgrades",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
},
{
"category": "external",
"summary": "the advisories",
"url": "https://www.cisco.com/go/psirt"
}
],
"title": "Cisco NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability",
"tracking": {
"current_release_date": "2026-02-25T16:00:00+00:00",
"generator": {
"date": "2026-02-25T16:00:18+00:00",
"engine": {
"name": "TVCE"
}
},
"id": "cisco-sa-n3kn9k_aci_lldp_dos-NdgRrrA3",
"initial_release_date": "2026-02-25T16:00:00+00:00",
"revision_history": [
{
"date": "2026-02-25T15:59:39+00:00",
"number": "1.0.0",
"summary": "Initial public release."
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "service_pack",
"name": "10.3(1)",
"product": {
"name": "10.3(1)",
"product_id": "CSAFPID-289309"
}
},
{
"category": "service_pack",
"name": "10.3(2)",
"product": {
"name": "10.3(2)",
"product_id": "CSAFPID-292658"
}
},
{
"category": "service_pack",
"name": "10.3(3)",
"product": {
"name": "10.3(3)",
"product_id": "CSAFPID-295511"
}
},
{
"category": "service_pack",
"name": "10.3(99w)",
"product": {
"name": "10.3(99w)",
"product_id": "CSAFPID-299969"
}
},
{
"category": "service_pack",
"name": "10.3(3w)",
"product": {
"name": "10.3(3w)",
"product_id": "CSAFPID-300516"
}
},
{
"category": "service_pack",
"name": "10.3(99x)",
"product": {
"name": "10.3(99x)",
"product_id": "CSAFPID-300517"
}
},
{
"category": "service_pack",
"name": "10.3(3o)",
"product": {
"name": "10.3(3o)",
"product_id": "CSAFPID-300741"
}
},
{
"category": "service_pack",
"name": "10.3(4a)",
"product": {
"name": "10.3(4a)",
"product_id": "CSAFPID-300941"
}
},
{
"category": "service_pack",
"name": "10.3(3p)",
"product": {
"name": "10.3(3p)",
"product_id": "CSAFPID-300942"
}
},
{
"category": "service_pack",
"name": "10.3(4)",
"product": {
"name": "10.3(4)",
"product_id": "CSAFPID-301024"
}
},
{
"category": "service_pack",
"name": "10.3(3q)",
"product": {
"name": "10.3(3q)",
"product_id": "CSAFPID-301106"
}
},
{
"category": "service_pack",
"name": "10.3(3x)",
"product": {
"name": "10.3(3x)",
"product_id": "CSAFPID-301289"
}
},
{
"category": "service_pack",
"name": "10.3(4g)",
"product": {
"name": "10.3(4g)",
"product_id": "CSAFPID-301720"
}
},
{
"category": "service_pack",
"name": "10.3(3r)",
"product": {
"name": "10.3(3r)",
"product_id": "CSAFPID-302643"
}
},
{
"category": "service_pack",
"name": "10.3(4h)",
"product": {
"name": "10.3(4h)",
"product_id": "CSAFPID-302884"
}
}
],
"category": "product_version",
"name": "10.3"
},
{
"branches": [
{
"category": "service_pack",
"name": "10.4(1)",
"product": {
"name": "10.4(1)",
"product_id": "CSAFPID-300515"
}
},
{
"category": "service_pack",
"name": "10.4(2)",
"product": {
"name": "10.4(2)",
"product_id": "CSAFPID-301115"
}
}
],
"category": "product_version",
"name": "10.4"
}
],
"category": "product_family",
"name": "Cisco NX-OS Software"
},
{
"category": "product_family",
"name": "Cisco Unified Computing System (Managed)",
"product": {
"name": "Cisco Unified Computing System (Managed) ",
"product_id": "CSAFPID-112776"
}
},
{
"branches": [
{
"branches": [
{
"category": "service_pack",
"name": "16.0(2h)",
"product": {
"name": "16.0(2h)",
"product_id": "CSAFPID-294809"
}
},
{
"category": "service_pack",
"name": "16.0(2j)",
"product": {
"name": "16.0(2j)",
"product_id": "CSAFPID-300257"
}
},
{
"category": "service_pack",
"name": "16.0(3d)",
"product": {
"name": "16.0(3d)",
"product_id": "CSAFPID-300266"
}
},
{
"category": "service_pack",
"name": "16.0(3e)",
"product": {
"name": "16.0(3e)",
"product_id": "CSAFPID-300744"
}
},
{
"category": "service_pack",
"name": "16.0(4c)",
"product": {
"name": "16.0(4c)",
"product_id": "CSAFPID-301160"
}
},
{
"category": "service_pack",
"name": "16.0(5h)",
"product": {
"name": "16.0(5h)",
"product_id": "CSAFPID-301280"
}
},
{
"category": "service_pack",
"name": "16.0(3g)",
"product": {
"name": "16.0(3g)",
"product_id": "CSAFPID-301729"
}
},
{
"category": "service_pack",
"name": "16.0(5j)",
"product": {
"name": "16.0(5j)",
"product_id": "CSAFPID-301742"
}
},
{
"category": "service_pack",
"name": "16.0(6c)",
"product": {
"name": "16.0(6c)",
"product_id": "CSAFPID-302636"
}
},
{
"category": "service_pack",
"name": "16.0(7e)",
"product": {
"name": "16.0(7e)",
"product_id": "CSAFPID-302836"
}
},
{
"category": "service_pack",
"name": "16.0(8e)",
"product": {
"name": "16.0(8e)",
"product_id": "CSAFPID-303022"
}
},
{
"category": "service_pack",
"name": "16.0(8f)",
"product": {
"name": "16.0(8f)",
"product_id": "CSAFPID-303066"
}
},
{
"category": "service_pack",
"name": "16.0(9c)",
"product": {
"name": "16.0(9c)",
"product_id": "CSAFPID-303335"
}
},
{
"category": "service_pack",
"name": "16.0(9d)",
"product": {
"name": "16.0(9d)",
"product_id": "CSAFPID-303891"
}
},
{
"category": "service_pack",
"name": "16.0(6h)",
"product": {
"name": "16.0(6h)",
"product_id": "CSAFPID-305298"
}
},
{
"category": "service_pack",
"name": "16.0(8h)",
"product": {
"name": "16.0(8h)",
"product_id": "CSAFPID-305306"
}
}
],
"category": "product_version",
"name": "16.0"
},
{
"branches": [
{
"category": "service_pack",
"name": "16.1(1f)",
"product": {
"name": "16.1(1f)",
"product_id": "CSAFPID-302689"
}
},
{
"category": "service_pack",
"name": "16.1(2f)",
"product": {
"name": "16.1(2f)",
"product_id": "CSAFPID-303136"
}
},
{
"category": "service_pack",
"name": "16.1(2g)",
"product": {
"name": "16.1(2g)",
"product_id": "CSAFPID-303182"
}
},
{
"category": "service_pack",
"name": "16.1(3f)",
"product": {
"name": "16.1(3f)",
"product_id": "CSAFPID-303772"
}
},
{
"category": "service_pack",
"name": "16.1(3g)",
"product": {
"name": "16.1(3g)",
"product_id": "CSAFPID-306456"
}
}
],
"category": "product_version",
"name": "16.1"
}
],
"category": "product_family",
"name": "Cisco NX-OS System Software in ACI Mode"
},
{
"category": "product_name",
"name": "Cisco Nexus 3000 Series Switches",
"product": {
"name": "Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-265091"
}
},
{
"category": "product_name",
"name": "Cisco Nexus 9000 Series Switches",
"product": {
"name": "Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-265096"
}
}
],
"category": "vendor",
"name": "Cisco"
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(1) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-289309:265091"
},
"product_reference": "CSAFPID-289309",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(1) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-289309:265096"
},
"product_reference": "CSAFPID-289309",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(2) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-292658:265091"
},
"product_reference": "CSAFPID-292658",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(2) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-292658:265096"
},
"product_reference": "CSAFPID-292658",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-295511:265091"
},
"product_reference": "CSAFPID-295511",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-295511:265096"
},
"product_reference": "CSAFPID-295511",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(99w) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-299969:265096"
},
"product_reference": "CSAFPID-299969",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3w) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300516:265096"
},
"product_reference": "CSAFPID-300516",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(99x) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300517:265096"
},
"product_reference": "CSAFPID-300517",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3o) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300741:265096"
},
"product_reference": "CSAFPID-300741",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(4a) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-300941:265091"
},
"product_reference": "CSAFPID-300941",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(4a) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300941:265096"
},
"product_reference": "CSAFPID-300941",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3p) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300942:265096"
},
"product_reference": "CSAFPID-300942",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(4) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-301024:265091"
},
"product_reference": "CSAFPID-301024",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(4) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301024:265096"
},
"product_reference": "CSAFPID-301024",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3q) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301106:265096"
},
"product_reference": "CSAFPID-301106",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3x) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301289:265096"
},
"product_reference": "CSAFPID-301289",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(4g) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301720:265096"
},
"product_reference": "CSAFPID-301720",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(3r) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-302643:265096"
},
"product_reference": "CSAFPID-302643",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.3(4h) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-302884:265096"
},
"product_reference": "CSAFPID-302884",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.4(1) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-300515:265091"
},
"product_reference": "CSAFPID-300515",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.4(1) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300515:265096"
},
"product_reference": "CSAFPID-300515",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.4(2) when installed on Cisco Nexus 3000 Series Switches",
"product_id": "CSAFPID-301115:265091"
},
"product_reference": "CSAFPID-301115",
"relates_to_product_reference": "CSAFPID-265091"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS Software 10.4(2) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301115:265096"
},
"product_reference": "CSAFPID-301115",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(2h) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-294809:265096"
},
"product_reference": "CSAFPID-294809",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(2j) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300257:265096"
},
"product_reference": "CSAFPID-300257",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(3d) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300266:265096"
},
"product_reference": "CSAFPID-300266",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(3e) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-300744:265096"
},
"product_reference": "CSAFPID-300744",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(4c) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301160:265096"
},
"product_reference": "CSAFPID-301160",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(5h) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301280:265096"
},
"product_reference": "CSAFPID-301280",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(3g) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301729:265096"
},
"product_reference": "CSAFPID-301729",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(5j) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-301742:265096"
},
"product_reference": "CSAFPID-301742",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(6c) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-302636:265096"
},
"product_reference": "CSAFPID-302636",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(7e) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-302836:265096"
},
"product_reference": "CSAFPID-302836",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(8e) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-303022:265096"
},
"product_reference": "CSAFPID-303022",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(8f) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-303066:265096"
},
"product_reference": "CSAFPID-303066",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(9c) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-303335:265096"
},
"product_reference": "CSAFPID-303335",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(9d) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-303891:265096"
},
"product_reference": "CSAFPID-303891",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(6h) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-305298:265096"
},
"product_reference": "CSAFPID-305298",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.0(8h) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-305306:265096"
},
"product_reference": "CSAFPID-305306",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.1(1f) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-302689:265096"
},
"product_reference": "CSAFPID-302689",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.1(2f) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-303136:265096"
},
"product_reference": "CSAFPID-303136",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.1(2g) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-303182:265096"
},
"product_reference": "CSAFPID-303182",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.1(3f) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-303772:265096"
},
"product_reference": "CSAFPID-303772",
"relates_to_product_reference": "CSAFPID-265096"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Cisco NX-OS System Software in ACI Mode 16.1(3g) when installed on Cisco Nexus 9000 Series Switches",
"product_id": "CSAFPID-306456:265096"
},
"product_reference": "CSAFPID-306456",
"relates_to_product_reference": "CSAFPID-265096"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-20010",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCwq33193"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCwi75282"
},
{
"system_name": "Cisco Bug ID",
"text": "CSCwq60777"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-294809:265096",
"CSAFPID-300257:265096",
"CSAFPID-300266:265096",
"CSAFPID-300744:265096",
"CSAFPID-301160:265096",
"CSAFPID-301280:265096",
"CSAFPID-301729:265096",
"CSAFPID-301742:265096",
"CSAFPID-302636:265096",
"CSAFPID-302689:265096",
"CSAFPID-302836:265096",
"CSAFPID-303022:265096",
"CSAFPID-303066:265096",
"CSAFPID-303136:265096",
"CSAFPID-303182:265096",
"CSAFPID-303335:265096",
"CSAFPID-303772:265096",
"CSAFPID-303891:265096",
"CSAFPID-305298:265096",
"CSAFPID-305306:265096",
"CSAFPID-306456:265096",
"CSAFPID-289309:265091",
"CSAFPID-289309:265096",
"CSAFPID-292658:265091",
"CSAFPID-292658:265096",
"CSAFPID-295511:265091",
"CSAFPID-295511:265096",
"CSAFPID-299969:265096",
"CSAFPID-300515:265091",
"CSAFPID-300515:265096",
"CSAFPID-300516:265096",
"CSAFPID-300517:265096",
"CSAFPID-300741:265096",
"CSAFPID-300941:265091",
"CSAFPID-300941:265096",
"CSAFPID-300942:265096",
"CSAFPID-301024:265091",
"CSAFPID-301024:265096",
"CSAFPID-301106:265096",
"CSAFPID-301115:265091",
"CSAFPID-301115:265096",
"CSAFPID-301289:265096",
"CSAFPID-301720:265096",
"CSAFPID-302643:265096",
"CSAFPID-302884:265096",
"CSAFPID-112776"
]
},
"release_date": "2026-02-25T16:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-289309:265091",
"CSAFPID-289309:265096",
"CSAFPID-292658:265091",
"CSAFPID-292658:265096",
"CSAFPID-295511:265091",
"CSAFPID-295511:265096",
"CSAFPID-299969:265096",
"CSAFPID-300515:265091",
"CSAFPID-300515:265096",
"CSAFPID-300516:265096",
"CSAFPID-300517:265096",
"CSAFPID-300741:265096",
"CSAFPID-300941:265091",
"CSAFPID-300941:265096",
"CSAFPID-300942:265096",
"CSAFPID-301024:265091",
"CSAFPID-301024:265096",
"CSAFPID-301106:265096",
"CSAFPID-301115:265091",
"CSAFPID-301115:265096",
"CSAFPID-301289:265096",
"CSAFPID-301720:265096",
"CSAFPID-302643:265096",
"CSAFPID-302884:265096",
"CSAFPID-112776",
"CSAFPID-294809:265096",
"CSAFPID-300257:265096",
"CSAFPID-300266:265096",
"CSAFPID-300744:265096",
"CSAFPID-301160:265096",
"CSAFPID-301280:265096",
"CSAFPID-301729:265096",
"CSAFPID-301742:265096",
"CSAFPID-302636:265096",
"CSAFPID-302689:265096",
"CSAFPID-302836:265096",
"CSAFPID-303022:265096",
"CSAFPID-303066:265096",
"CSAFPID-303136:265096",
"CSAFPID-303182:265096",
"CSAFPID-303335:265096",
"CSAFPID-303772:265096",
"CSAFPID-303891:265096",
"CSAFPID-305298:265096",
"CSAFPID-305306:265096",
"CSAFPID-306456:265096"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-294809:265096",
"CSAFPID-300257:265096",
"CSAFPID-300266:265096",
"CSAFPID-300744:265096",
"CSAFPID-301160:265096",
"CSAFPID-301280:265096",
"CSAFPID-301729:265096",
"CSAFPID-301742:265096",
"CSAFPID-302636:265096",
"CSAFPID-302689:265096",
"CSAFPID-302836:265096",
"CSAFPID-303022:265096",
"CSAFPID-303066:265096",
"CSAFPID-303136:265096",
"CSAFPID-303182:265096",
"CSAFPID-303335:265096",
"CSAFPID-303772:265096",
"CSAFPID-303891:265096",
"CSAFPID-305298:265096",
"CSAFPID-305306:265096",
"CSAFPID-306456:265096",
"CSAFPID-289309:265091",
"CSAFPID-289309:265096",
"CSAFPID-292658:265091",
"CSAFPID-292658:265096",
"CSAFPID-295511:265091",
"CSAFPID-295511:265096",
"CSAFPID-299969:265096",
"CSAFPID-300515:265091",
"CSAFPID-300515:265096",
"CSAFPID-300516:265096",
"CSAFPID-300517:265096",
"CSAFPID-300741:265096",
"CSAFPID-300941:265091",
"CSAFPID-300941:265096",
"CSAFPID-300942:265096",
"CSAFPID-301024:265091",
"CSAFPID-301024:265096",
"CSAFPID-301106:265096",
"CSAFPID-301115:265091",
"CSAFPID-301115:265096",
"CSAFPID-301289:265096",
"CSAFPID-301720:265096",
"CSAFPID-302643:265096",
"CSAFPID-302884:265096",
"CSAFPID-112776"
]
}
],
"title": "Cisco Nexus 3000 and 9000 Series Switches Link Layer Discovery Protocol Denial of Service Vulnerability"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…