Vulnerabilites related to IEEE - 802.2
cve-2021-27862
Vulnerability from cvelistv5
Published
2022-09-27 18:40
Modified
2024-09-16 20:43
Severity ?
EPSS score ?
Summary
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | IEEE | 802.2 |
Version: 802.2h-1997 < |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:33:15.798Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/", }, { tags: [ "x_transferred", ], url: "https://standards.ieee.org/ieee/802.2/1048/", }, { tags: [ "x_transferred", ], url: "https://kb.cert.org/vuls/id/855201", }, { tags: [ "x_transferred", ], url: "https://blog.champtar.fr/VLAN0_LLC_SNAP/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "802.2", vendor: "IEEE", versions: [ { lessThanOrEqual: "802.2h-1997", status: "affected", version: "802.2h-1997", versionType: "custom", }, ], }, { product: "draft-ietf-v6ops-ra-guard-08", vendor: "IETF", versions: [ { lessThanOrEqual: "08", status: "affected", version: "08", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Etienne Champetier (@champtar) <champetier.etienne@gmail.com>", }, ], datePublic: "2022-09-27T00:00:00", descriptions: [ { lang: "en", value: "Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-130", description: "CWE-130 Improper Handling of Length Parameter", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-290", description: "CWE-290: Authentication Bypass by Spoofing", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-12T00:00:00", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { url: "https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/", }, { url: "https://standards.ieee.org/ieee/802.2/1048/", }, { url: "https://kb.cert.org/vuls/id/855201", }, { url: "https://blog.champtar.fr/VLAN0_LLC_SNAP/", }, ], source: { discovery: "EXTERNAL", }, title: "L2 network filtering bypass using stacked VLAN0 and LLC/SNAP headers with an invalid length during Ethernet to Wifi frame translation", }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2021-27862", datePublished: "2022-09-27T18:40:14.712076Z", dateReserved: "2021-03-01T00:00:00", dateUpdated: "2024-09-16T20:43:01.727Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27861
Vulnerability from cvelistv5
Published
2022-09-27 18:40
Modified
2024-09-16 16:47
Severity ?
EPSS score ?
Summary
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers)
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:33:17.074Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/", }, { tags: [ "x_transferred", ], url: "https://standards.ieee.org/ieee/802.2/1048/", }, { tags: [ "x_transferred", ], url: "https://standards.ieee.org/ieee/802.1Q/10323/", }, { tags: [ "x_transferred", ], url: "https://kb.cert.org/vuls/id/855201", }, { tags: [ "x_transferred", ], url: "https://blog.champtar.fr/VLAN0_LLC_SNAP/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "802.2", vendor: "IEEE", versions: [ { lessThanOrEqual: "802.2h-1997", status: "affected", version: "802.2h-1997", versionType: "custom", }, ], }, { product: "draft-ietf-v6ops-ra-guard", vendor: "IETF", versions: [ { lessThanOrEqual: "08", status: "affected", version: "08", versionType: "custom", }, ], }, { product: "P802.1Q", vendor: "IETF", versions: [ { lessThanOrEqual: "D1.0", status: "affected", version: "D1.0", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Etienne Champetier (@champtar) <champetier.etienne@gmail.com>", }, ], datePublic: "2022-09-27T00:00:00", descriptions: [ { lang: "en", value: "Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers)", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-130", description: "CWE-130 Improper Handling of Length Parameter", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-290", description: "CWE-290: Authentication Bypass by Spoofing", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-12T00:00:00", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { url: "https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/", }, { url: "https://standards.ieee.org/ieee/802.2/1048/", }, { url: "https://standards.ieee.org/ieee/802.1Q/10323/", }, { url: "https://kb.cert.org/vuls/id/855201", }, { url: "https://blog.champtar.fr/VLAN0_LLC_SNAP/", }, ], source: { discovery: "EXTERNAL", }, title: "L2 network filtering bypass using stacked VLAN0 and LLC/SNAP headers with invalid lengths", }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2021-27861", datePublished: "2022-09-27T18:40:13.742316Z", dateReserved: "2021-03-01T00:00:00", dateUpdated: "2024-09-16T16:47:46.467Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27854
Vulnerability from cvelistv5
Published
2022-09-27 18:40
Modified
2024-09-17 02:06
Severity ?
EPSS score ?
Summary
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:33:15.949Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/", }, { tags: [ "x_transferred", ], url: "https://standards.ieee.org/ieee/802.2/1048/", }, { tags: [ "x_transferred", ], url: "https://standards.ieee.org/ieee/802.1Q/10323/", }, { tags: [ "x_transferred", ], url: "https://kb.cert.org/vuls/id/855201", }, { tags: [ "x_transferred", ], url: "https://blog.champtar.fr/VLAN0_LLC_SNAP/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "P802.1Q", vendor: "IETF", versions: [ { lessThanOrEqual: "D1.0", status: "affected", version: "D1.0", versionType: "custom", }, ], }, { product: "draft-ietf-v6ops-ra-guard", vendor: "IETF", versions: [ { lessThanOrEqual: "08", status: "affected", version: "08", versionType: "custom", }, ], }, { product: "802.2", vendor: "IEEE", versions: [ { lessThanOrEqual: "802.2h-1997", status: "affected", version: "802.2h-1997", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Etienne Champetier (@champtar) <champetier.etienne@gmail.com>", }, ], datePublic: "2022-09-27T00:00:00", descriptions: [ { lang: "en", value: "Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-290", description: "CWE-290: Authentication Bypass by Spoofing", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-12T00:00:00", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { url: "https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/", }, { url: "https://standards.ieee.org/ieee/802.2/1048/", }, { url: "https://standards.ieee.org/ieee/802.1Q/10323/", }, { url: "https://kb.cert.org/vuls/id/855201", }, { url: "https://blog.champtar.fr/VLAN0_LLC_SNAP/", }, ], source: { discovery: "EXTERNAL", }, title: "L2 network filtering bypass using stacked VLAN0, LLC/SNAP headers, and Ethernet to Wifi frame translation", }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2021-27854", datePublished: "2022-09-27T18:40:12.738763Z", dateReserved: "2021-03-01T00:00:00", dateUpdated: "2024-09-17T02:06:05.625Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27853
Vulnerability from cvelistv5
Published
2022-09-27 17:55
Modified
2024-09-16 19:30
Severity ?
EPSS score ?
Summary
Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:33:15.902Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/", }, { tags: [ "x_transferred", ], url: "https://standards.ieee.org/ieee/802.2/1048/", }, { tags: [ "x_transferred", ], url: "https://standards.ieee.org/ieee/802.1Q/10323/", }, { name: "20220927 Vulnerabilities in Layer 2 Network Security Controls Affecting Cisco Products: September 2022", tags: [ "vendor-advisory", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VU855201-J3z8CKTX", }, { tags: [ "x_transferred", ], url: "https://kb.cert.org/vuls/id/855201", }, { tags: [ "x_transferred", ], url: "https://blog.champtar.fr/VLAN0_LLC_SNAP/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "802.2", vendor: "IEEE", versions: [ { lessThanOrEqual: "802.2h-1997", status: "affected", version: "802.2h-1997", versionType: "custom", }, ], }, { product: "draft-ietf-v6ops-ra-guard", vendor: "IETF", versions: [ { lessThanOrEqual: "08", status: "affected", version: "08", versionType: "custom", }, ], }, { product: "P802.1Q", vendor: "IETF", versions: [ { lessThanOrEqual: "D1.0", status: "affected", version: "D1.0", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Etienne Champetier (@champtar) <champetier.etienne@gmail.com>", }, ], datePublic: "2022-09-27T00:00:00", descriptions: [ { lang: "en", value: "Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-290", description: "CWE-290: Authentication Bypass by Spoofing", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-12T00:00:00", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { url: "https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/", }, { url: "https://standards.ieee.org/ieee/802.2/1048/", }, { url: "https://standards.ieee.org/ieee/802.1Q/10323/", }, { name: "20220927 Vulnerabilities in Layer 2 Network Security Controls Affecting Cisco Products: September 2022", tags: [ "vendor-advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VU855201-J3z8CKTX", }, { url: "https://kb.cert.org/vuls/id/855201", }, { url: "https://blog.champtar.fr/VLAN0_LLC_SNAP/", }, ], source: { discovery: "EXTERNAL", }, title: "L2 network filtering can be bypassed using stacked VLAN0 and LLC/SNAP headers", }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2021-27853", datePublished: "2022-09-27T17:55:09.203402Z", dateReserved: "2021-03-01T00:00:00", dateUpdated: "2024-09-16T19:30:07.552Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
var-202209-1859
Vulnerability from variot
Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers. Layer-2 (L2) network security controls provided by various devices, such as switches, routers, and operating systems, can be bypassed by stacking Ethernet protocol headers. An attacker can send crafted packets through vulnerable devices to cause Denial-of-service (DoS) or to perform a man-in-the-middle (MitM) attack against a target network.CVE-2021-27853 Affected CVE-2021-27854 Affected CVE-2021-27861 Affected CVE-2021-27862 AffectedCVE-2021-27853 Affected CVE-2021-27854 Affected CVE-2021-27861 Affected CVE-2021-27862 Affected. IEEE of ieee 802.2 Products from multiple other vendors contain vulnerabilities related to authentication bypass through spoofing.Information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202209-1859", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "nexus 9736pq", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 92348gc-x", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus x9636q-r", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 9236c", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "sg500-52p", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "nexus 93120tx", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "n9k-x9464px", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 93180yc-ex", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "n9k-c9316d-gx", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "meraki ms450", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "n9k-x9736c-fx", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "802.2", scope: "lte", trust: 1, vendor: "ieee", version: "802.2h-1997", }, { model: "sg500-28mpp", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "n9k-x9732c-fx", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "sg500x-48mpp", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "catalyst 6504-e", scope: "eq", trust: 1, vendor: "cisco", version: "15.5\\(01.01.85\\)sy07", }, { model: "nexus 93108tc-fx3p", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 9364c-gx", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "n9k-x9636c-r", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 9332c", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 9508", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "sg500x-24", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "nexus 9516", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "sg500-28", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "n9k-c9364d-gx2a", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "sf500-24", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "sg500-28p", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "meraki ms420", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "nexus 93240yc-fx2", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "catalyst 6800ia", scope: "eq", trust: 1, vendor: "cisco", version: "15.5\\(01.01.85\\)sy07", }, { model: "n9k-x9564px", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "meraki ms410", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "n9k-x9432c-s", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "n9k-c9348d-gx2a", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 93216tc-fx2", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "n9k-c9332d-gx2b", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "meraki ms350", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "catalyst c6832-x-le", scope: "eq", trust: 1, vendor: "cisco", version: "15.5\\(01.01.85\\)sy07", }, { model: "nexus 93108tc-fx", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "sf500-48mp", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "sg500x-24mpp", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "n9k-x97160yc-ex", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "meraki ms355", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "catalyst 6840-x", scope: "eq", trust: 1, vendor: "cisco", version: "15.5\\(01.01.85\\)sy07", }, { model: "n9k-x9464tx2", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "catalyst 6509-v-e", scope: "eq", trust: 1, vendor: "cisco", version: "15.5\\(01.01.85\\)sy07", }, { model: "catalyst c6816-x-le", scope: "eq", trust: 1, vendor: "cisco", version: "15.5\\(01.01.85\\)sy07", }, { model: "nexus 9336c-fx2", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 92300yc", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "sf500-18p", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "sf-500-24mp", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "sg500x-48", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "nexus 92304qc", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 9800", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "sg500-52mp", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "p802.1q", scope: "lte", trust: 1, vendor: "ietf", version: "d1.0", }, { model: "n9k-x9788tc-fx", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 9716d-gx", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 9504", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 92160yc-x", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 93180yc-fx3", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "n9k-x9564tx", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "catalyst 6503-e", scope: "eq", trust: 1, vendor: "cisco", version: "15.5\\(01.01.85\\)sy07", }, { model: "sf500-24p", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "catalyst 6807-xl", scope: "eq", trust: 1, vendor: "cisco", version: "15.5\\(01.01.85\\)sy07", }, { model: "nexus 9272q", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "sg500x-24p", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "meraki ms425", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "15.2\\(07\\)e03", }, { model: "nexus 93180yc-fx", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "17.3.3", }, { model: "meraki ms210", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "n9k-x9736c-ex", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "meraki ms390", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "catalyst c6824-x-le-40g", scope: "eq", trust: 1, vendor: "cisco", version: "15.5\\(01.01.85\\)sy07", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "17.6.1", }, { model: "nexus 9432pq", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "n9k-x9636c-rx", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "sf500-48", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "catalyst 6509-neb-a", scope: "eq", trust: 1, vendor: "cisco", version: "15.5\\(01.01.85\\)sy07", }, { model: "catalyst 6880-x", scope: "eq", trust: 1, vendor: "cisco", version: "15.5\\(01.01.85\\)sy07", }, { model: "catalyst 6506-e", scope: "eq", trust: 1, vendor: "cisco", version: "15.5\\(01.01.85\\)sy07", }, { model: "n9k-c93600cd-gx", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 9536pq", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "17.4.1", }, { model: "n9k-x9732c-ex", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "catalyst 6509-e", scope: "eq", trust: 1, vendor: "cisco", version: "15.5\\(01.01.85\\)sy07", }, { model: "meraki ms250", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "catalyst c6840-x-le-40g", scope: "eq", trust: 1, vendor: "cisco", version: "15.5\\(01.01.85\\)sy07", }, { model: "sg500x-48p", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "nexus 9336c-fx2-e", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "catalyst 6513-e", scope: "eq", trust: 1, vendor: "cisco", version: "15.5\\(01.01.85\\)sy07", }, { model: "nexus 9364c", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "sg500-52", scope: "eq", trust: 1, vendor: "cisco", version: "3.0.0.61", }, { model: "nexus 93108tc-ex", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "meraki ms225", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "nexus 9348gc-fxp", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 93360yc-fx2", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "nexus 9636pq", scope: "eq", trust: 1, vendor: "cisco", version: "9.3\\(5\\)", }, { model: "ios xe", scope: "eq", trust: 1, vendor: "cisco", version: "15.2\\(07\\)e02", }, { model: "cisco ios xe", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "802.2", scope: null, trust: 0.8, vendor: "ieee", version: null, }, { model: "catalyst 6509-e", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "catalyst 6840-x", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "catalyst 6509-neb-a", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "catalyst 6506-e", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "catalyst c6816-x-le", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "ios xe", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "catalyst c6824-x-le-40g", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "catalyst 6509-v-e", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "p802.1q", scope: null, trust: 0.8, vendor: "インターネット技術タスクフォース ietf", version: null, }, { model: "catalyst 6880-x", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "catalyst 6807-xl", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "catalyst c6832-x-le", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "catalyst 6800ia", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "catalyst c6840-x-le-40g", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "catalyst 6503-e", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "catalyst 6504-e", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "catalyst 6513-e", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-020376", }, { db: "NVD", id: "CVE-2021-27853", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "This document was written by Timur Snoke.Statement Date: September 27, 2022", sources: [ { db: "CERT/CC", id: "VU#855201", }, ], trust: 0.8, }, cve: "CVE-2021-27853", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "ADJACENT", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 2.8, id: "CVE-2021-27853", impactScore: 1.4, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Adjacent Network", author: "NVD", availabilityImpact: "None", baseScore: 4.7, baseSeverity: "Medium", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2021-27853", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-27853", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2021-27853", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202209-2794", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-020376", }, { db: "CNNVD", id: "CNNVD-202209-2794", }, { db: "NVD", id: "CVE-2021-27853", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers. Layer-2 (L2) network security controls provided by various devices, such as switches, routers, and operating systems, can be bypassed by stacking Ethernet protocol headers. An attacker can send crafted packets through vulnerable devices to cause Denial-of-service (DoS) or to perform a man-in-the-middle (MitM) attack against a target network.CVE-2021-27853 Affected\nCVE-2021-27854 Affected\nCVE-2021-27861 Affected\nCVE-2021-27862 AffectedCVE-2021-27853 Affected\nCVE-2021-27854 Affected\nCVE-2021-27861 Affected\nCVE-2021-27862 Affected. IEEE of ieee 802.2 Products from multiple other vendors contain vulnerabilities related to authentication bypass through spoofing.Information may be tampered with", sources: [ { db: "NVD", id: "CVE-2021-27853", }, { db: "CERT/CC", id: "VU#855201", }, { db: "JVNDB", id: "JVNDB-2021-020376", }, { db: "VULMON", id: "CVE-2021-27853", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-27853", trust: 4.1, }, { db: "CERT/CC", id: "VU#855201", trust: 3.2, }, { db: "JVNDB", id: "JVNDB-2021-020376", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2022.4805", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202209-2794", trust: 0.6, }, { db: "VULMON", id: "CVE-2021-27853", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#855201", }, { db: "VULMON", id: "CVE-2021-27853", }, { db: "JVNDB", id: "JVNDB-2021-020376", }, { db: "CNNVD", id: "CNNVD-202209-2794", }, { db: "NVD", id: "CVE-2021-27853", }, ], }, id: "VAR-202209-1859", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 1, }, last_update_date: "2024-08-14T13:21:41.300000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "draft-ietf-v6ops-ra-guard-08 Cisco Systems Cisco Security Advisory", trust: 0.8, url: "https://standards.ieee.org/ieee/802.1Q/10323/", }, { title: "Multiple Cisco Product security vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=209667", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-020376", }, { db: "CNNVD", id: "CNNVD-202209-2794", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-290", trust: 1, }, { problemtype: "Avoid authentication by spoofing (CWE-290) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-020376", }, { db: "NVD", id: "CVE-2021-27853", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "https://blog.champtar.fr/vlan0_llc_snap/", }, { trust: 2.4, url: "https://kb.cert.org/vuls/id/855201", }, { trust: 1.7, url: "https://standards.ieee.org/ieee/802.2/1048/", }, { trust: 1.7, url: "https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/", }, { trust: 1.7, url: "https://standards.ieee.org/ieee/802.1q/10323/", }, { trust: 1.7, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-vu855201-j3z8cktx", }, { trust: 0.8, url: "https://jvn.jp/ta/jvnta96784241/", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2021-27853", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2021-27853/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.4805", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/cisco-juniper-ingress-filtrering-bypass-via-layer-2-39380", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2021-27853", }, { db: "JVNDB", id: "JVNDB-2021-020376", }, { db: "CNNVD", id: "CNNVD-202209-2794", }, { db: "NVD", id: "CVE-2021-27853", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#855201", }, { db: "VULMON", id: "CVE-2021-27853", }, { db: "JVNDB", id: "JVNDB-2021-020376", }, { db: "CNNVD", id: "CNNVD-202209-2794", }, { db: "NVD", id: "CVE-2021-27853", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-09-27T00:00:00", db: "CERT/CC", id: "VU#855201", }, { date: "2022-09-27T00:00:00", db: "VULMON", id: "CVE-2021-27853", }, { date: "2023-10-20T00:00:00", db: "JVNDB", id: "JVNDB-2021-020376", }, { date: "2022-09-27T00:00:00", db: "CNNVD", id: "CNNVD-202209-2794", }, { date: "2022-09-27T18:15:09.527000", db: "NVD", id: "CVE-2021-27853", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-10-03T00:00:00", db: "CERT/CC", id: "VU#855201", }, { date: "2022-09-27T00:00:00", db: "VULMON", id: "CVE-2021-27853", }, { date: "2023-10-20T06:17:00", db: "JVNDB", id: "JVNDB-2021-020376", }, { date: "2022-10-13T00:00:00", db: "CNNVD", id: "CNNVD-202209-2794", }, { date: "2022-11-16T17:26:33.420000", db: "NVD", id: "CVE-2021-27853", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote or local", sources: [ { db: "CNNVD", id: "CNNVD-202209-2794", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "L2 network security controls can be bypassed using VLAN 0 stacking and/or 802.3 headers", sources: [ { db: "CERT/CC", id: "VU#855201", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202209-2794", }, ], trust: 0.6, }, }