Hello all!
There is a cdp vulnerability which is described in CVE-2020-3120. Concerned are N9K switches.
It says: "To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
But what exactly does that mean? In the same Layer2 domain as the management interface or any interface?
Because our N9K has a lot of SVIs which acts as client gateways. So there are clients in that broadcast domain.
But no clients are physically connected to that N9K.
I'm confused. Help is much appreciated.
Thank you.