CVE-2021-27861: CISCO
CISCO, IOS
CVE-2021-27861
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length(and optionally VLAN0 headers)
True
False
You can find more insights and intelligence on this CVE at: https://vi.loginsoft.com/app/cve/CVE-2021-27861
To ascertain the vulnerable conditions and product versions deemed affected, issue the following commands and look for its associated as stated. If one more conditions matches then we can consider it as affected.
show version
Cisco IOS Software
show version
WS-C65[0-9]{2}
show version
WS-C68[0-9]{2}
show version
WS-C3650-[0-9]{1,2}
show version
WS-C3850-[0-9]{2}
show version
C9200[d]
show version
C9300[d]
show version
C9400[d]
show version
C9500[d]
show version
C9600[d]
15.5(01.01.85)SY07
15.2(07)E02
https://standards.ieee.org/ieee/802.1Q/10323/
https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/
https://standards.ieee.org/ieee/802.2/1048/
https://blog.champtar.fr/VLAN0_LLC_SNAP/
https://kb.cert.org/vuls/id/855201
Get in touch with us to explore how our Security Content Suite can optimize vulnerability management for your needs.
IN-HOUSE EXPERTISE
Get practical solutions to real-world challenges, straight from experts who conquered them.
View all our articles