CVE-2021-27861: CISCO

Title

CVE-2021-27861: CISCO

Tags

CISCO, IOS

CVE

CVE-2021-27861

‍

NVD Description

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length(and optionally VLAN0 headers)

Exploit Available

True

Abused by Malware

False

‍

You can find more insights and intelligence on this CVE at: https://vi.loginsoft.com/app/cve/CVE-2021-27861

Vulnerable Condition

To ascertain the vulnerable conditions and product versions deemed affected, issue the following commands and look for its associated as stated. If one more conditions matches then we can consider it as affected.

‍

Command Instructions:

COMMAND:

show version

‍

STDOUT:

Cisco IOS Software

‍

COMMAND:

show version

‍

STDOUT:

WS-C65[0-9]{2}

‍

COMMAND:

show version

‍

STDOUT:

WS-C68[0-9]{2}

‍

COMMAND:

show version

‍

STDOUT:

WS-C3650-[0-9]{1,2}

‍

COMMAND:

show version

‍

STDOUT:

WS-C3850-[0-9]{2}

‍

COMMAND:

show version

‍

STDOUT:

C9200[d]

‍

COMMAND:

show version

‍

STDOUT:

C9300[d]

‍

COMMAND:

show version

‍

STDOUT:

C9400[d]

‍

COMMAND:

show version

‍

STDOUT:

C9500[d]

‍

COMMAND:

show version

‍

STDOUT:

C9600[d]

‍

Affected Versions:

15.5(01.01.85)SY07

15.2(07)E02

‍

References:

https://standards.ieee.org/ieee/802.1Q/10323/

https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/

https://standards.ieee.org/ieee/802.2/1048/

https://blog.champtar.fr/VLAN0_LLC_SNAP/

https://kb.cert.org/vuls/id/855201

‍

Get in touch with us to explore how our Security Content Suite can optimize vulnerability management for your needs.

‍