CVE-2021-26111 is a vulnerability in Fortinet Fortiswitch
Published on June 1, 2021

A missing release of memory after effective lifetime vulnerability in FortiSwitch 6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below may allow an attacker on an adjacent network to exhaust available memory by sending specifically crafted LLDP/CDP/EDP packets to the device.

NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

NONE

Availability Impact:

HIGH

Products Associated with CVE-2021-26111

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-26111 are published in Fortinet Fortiswitch:

Fortinet Fortiswitch

Affected Versions

Fortinet FortiSwitch Version FortiSwitch 6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below is affected by CVE-2021-26111

Exploit Probability

EPSS

0.11%

Percentile

28.99%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-26111 is a vulnerability in Fortinet FortiswitchPublished on June 1, 2021

Vulnerability Analysis

Products Associated with CVE-2021-26111

Affected Versions

Exploit Probability

CVE-2021-26111 is a vulnerability in Fortinet Fortiswitch
Published on June 1, 2021