Data centers using Cisco routers with the IOS XR software need to be on alert. Cisco issued a warning last week that attackers were actively exploiting a vulnerability in the Cisco Discovery Protocol, part of a set of vulnerabilities called CDPwn.
Cisco recommended that customers upgrade to a fixed version of the software.
“There are no workarounds that address this vulnerability,” the company said in its alert. However, a patch has been available since February.
The vulnerability affects a Layer 2 protocol, meaning the attackers need to be in the same domain.