Critical Cisco ‘CDPwn’ Protocol Flaws Explained: Podcast

2020-02-05 16:00

Researchers on Wednesday disclosed five critical vulnerabilities in Cisco Discovery Protocol, the Cisco Proprietary Layer 2 network protocol that is used to discover information about locally attached Cisco equipment.

Every device, Cisco device, sends packets from time to time saying, 'Hi, my IP address is this, My name is this, my operating system is this' and all kinds of information and they collect the Cisco devices' information about one another, about their neighbors.

Then when you have all kinds of Cisco management products, you're able to view all the Cisco devices in your network.

So you asked about the wide array of devices impacted by this and that's true; you find this in the Cisco switches and routers; IP phones from Cisco; and these are devices that have a complete hold on the market in these fields.

BS: Yeah so actually, what piqued our interest for looking into this was a Cisco security advisory published around two years ago, that detailed some vulnerabilities that they found in LDP, which is another Discovery Protocol - not CDP protocol - but another Discovery Protocol, pretty similar to CDP. And this advisory mentioned that Cisco found some bugs that could lead to denial of service in a wider array of devices.

News URL

https://threatpost.com/behind-cdpwn-discovering-critical-cisco-protocol-flaws/152530/

#cisco #critical #podcast

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Cisco		4448	233	3131	1876	610	5850
Protocol		12	0	4	13	0	17

News URL

Related news

Related vendor