CVE-2021-27853 — MEDIUM (4.7)

Q: What is CVE-2021-27853?

CVE-2021-27853 is a vulnerability with a CVSS score of 4.7 (MEDIUM). Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.

Q: How severe is CVE-2021-27853?

CVE-2021-27853 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-27853?

Check the references section above for vendor advisories and patch information. Affected products include: Ieee Ieee 802.2, Ietf P802.1Q, Cisco Catalyst 6503-E Firmware, Cisco Catalyst 6503-E, Cisco Catalyst 6504-E Firmware.

Vulnerability Description

Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.

CVSS Score

4.7

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Ieee	Ieee 802.2	<= 802.2h-1997
Ietf	P802.1Q	<= d1.0
Cisco	Catalyst 6503-E Firmware	15.5\(01.01.85\)sy07
Cisco	Catalyst 6503-E	-
Cisco	Catalyst 6504-E Firmware	15.5\(01.01.85\)sy07
Cisco	Catalyst 6504-E	-
Cisco	Catalyst 6506-E Firmware	15.5\(01.01.85\)sy07
Cisco	Catalyst 6506-E	-
Cisco	Catalyst 6509-E Firmware	15.5\(01.01.85\)sy07
Cisco	Catalyst 6509-E	-
Cisco	Catalyst 6509-Neb-A Firmware	15.5\(01.01.85\)sy07
Cisco	Catalyst 6509-Neb-A	-
Cisco	Catalyst 6509-V-E Firmware	15.5\(01.01.85\)sy07
Cisco	Catalyst 6509-V-E	-
Cisco	Catalyst 6513-E Firmware	15.5\(01.01.85\)sy07
Cisco	Catalyst 6513-E	-
Cisco	Catalyst 6807-Xl Firmware	15.5\(01.01.85\)sy07
Cisco	Catalyst 6807-Xl	-
Cisco	Catalyst 6840-X Firmware	15.5\(01.01.85\)sy07
Cisco	Catalyst 6840-X	-

Related Weaknesses (CWE)

CWE-290

References

https://blog.champtar.fr/VLAN0_LLC_SNAP/ExploitThird Party Advisory
https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/Technical DescriptionThird Party Advisory
https://kb.cert.org/vuls/id/855201Third Party AdvisoryUS Government Resource
https://standards.ieee.org/ieee/802.1Q/10323/Vendor Advisory
https://standards.ieee.org/ieee/802.2/1048/Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VThird Party Advisory
https://blog.champtar.fr/VLAN0_LLC_SNAP/ExploitThird Party Advisory
https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/Technical DescriptionThird Party Advisory
https://kb.cert.org/vuls/id/855201Third Party AdvisoryUS Government Resource
https://standards.ieee.org/ieee/802.1Q/10323/Vendor Advisory
https://standards.ieee.org/ieee/802.2/1048/Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VThird Party Advisory
https://www.kb.cert.org/vuls/id/855201

FAQ

What is CVE-2021-27853?

CVE-2021-27853 is a vulnerability with a CVSS score of 4.7 (MEDIUM). Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.

How severe is CVE-2021-27853?

CVE-2021-27853 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-27853?

Check the references section above for vendor advisories and patch information. Affected products include: Ieee Ieee 802.2, Ietf P802.1Q, Cisco Catalyst 6503-E Firmware, Cisco Catalyst 6503-E, Cisco Catalyst 6504-E Firmware.