Attackers who understand how Cisco Discovery Protocol (CDP) works can take
advantage of its clear-text packets to gain knowledge of the edge of the
network. CDP runs at Layer 2 and allows Cisco devices to identify themselves
to other Cisco devices. However, the information sent through CDP is
transmitted in clear text and is unauthenticated. Using a packet analyzer,
attackers could glean information about the network device from CDP
advertisements.
CDP is necessary for management applications and cannot be disabled without
impairing some network-management applications. However, CDP can be selectively
disabled on interfaces where management is not being performed.
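
To check where CDP is still being advertised, the following added example (not from the original page) audits an IOS-style running configuration and lists active interfaces that still have CDP enabled and are not in a caller-supplied set of management interfaces. The function name, the sample configuration and the interface names are constructed for illustration; the example assumes CDP is on by default and is turned off with the IOS commands `no cdp run` (globally) or `no cdp enable` (per interface).

```python
import re

# Constructed sample running-config (not taken from a real device).
SAMPLE_CONFIG = """\
hostname edge-sw1
!
interface GigabitEthernet0/1
 description uplink to distribution
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode access
 no cdp enable
!
interface GigabitEthernet0/3
 switchport mode access
!
interface GigabitEthernet0/4
 shutdown
!
end
"""

def cdp_exposed_interfaces(config, management_ifaces):
    """Return active, non-management interfaces that still advertise CDP."""
    lines = [ln.rstrip() for ln in config.splitlines()]
    # A global "no cdp run" turns CDP off on every interface.
    if any(ln == "no cdp run" for ln in lines):
        return []
    exposed, current, cdp_on, shut = [], None, True, False

    def flush():
        # Record the interface just parsed if it is up, sends CDP,
        # and is not one where management is performed.
        if current and cdp_on and not shut and current not in management_ifaces:
            exposed.append(current)

    for ln in lines:
        m = re.match(r"interface\s+(\S+)", ln)
        if m:
            flush()
            # Assumption: CDP is enabled by default on each interface.
            current, cdp_on, shut = m.group(1), True, False
        elif current and ln.startswith(" "):
            cdp_on = cdp_on and ln.strip() != "no cdp enable"
            shut = shut or ln.strip() == "shutdown"
        elif current:  # unindented line ends the interface block
            flush()
            current = None
    flush()
    return exposed
```

Each interface it returns is a candidate for `no cdp enable`, provided no management application depends on CDP on that port.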