Medium severity6.5NVD Advisory· Published Jun 1, 2021· Updated Jun 17, 2026
CVE-2021-26111
CVE-2021-26111
Description
A missing release of memory after effective lifetime vulnerability in FortiSwitch 6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below may allow an attacker on an adjacent network to exhaust available memory by sending specifically crafted LLDP/CDP/EDP packets to the device.
Affected products
26.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below+ 1 more
- (no CPE)range: 6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below
- (no CPE)range: FortiSwitch 6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below
Patches
Vulnerability mechanics
References
1- fortiguard.com/advisory/FG-IR-21-026nvdVendor Advisory
News mentions
0No linked articles in our index yet.