Cisco has published security advisories detailing vulnerabilities in multiple products, including Cisco APIC, Cloud Network Controller, and Nexus 9000 Series Fabric Switches.
One of the vulnerabilities involves a memory leak in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus switches, which could result in an unexpected device reload caused by a stream of crafted LLDP packets.
Another vulnerability pertains to insufficient cross-site request forgery (CSRF) protections for the web-based management interface of Cisco APIC and Cloud Network Controller, potentially allowing attackers to perform arbitrary actions with the privilege level of affected users.
Cisco has released software updates to address these vulnerabilities.
