VYPR
Medium severity6.5NVD Advisory· Published Jun 1, 2021· Updated Jun 17, 2026

CVE-2021-26111

CVE-2021-26111

Description

A missing release of memory after effective lifetime vulnerability in FortiSwitch 6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below may allow an attacker on an adjacent network to exhaust available memory by sending specifically crafted LLDP/CDP/EDP packets to the device.

Affected products

2
  • Fortinet/FortiSwitch GUIllm-fuzzy2 versions
    6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below+ 1 more
    • (no CPE)range: 6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below
    • (no CPE)range: FortiSwitch 6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.