Lucene search

[email protected]NVD:CVE-2021-27861

HistorySep 27, 2022 - 7:15 p.m.

CVE-2021-27861

2022-09-2719:15:09

CWE-290

CWE-130

[email protected]

web.nvd.nist.gov

cve-2021-27861

network filtering

ipv6 ra guard

llc/snap headers

vlan0 headers

4.7 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

0.001 Low

EPSS

Percentile

39.4%

JSON

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers)

Affected configurations

NVD

Node

ieeeieee_802.2Range≤802.2h-1997

Node

ietfp802.1qRange≤d1.0

References

blog.champtar.fr/VLAN0_LLC_SNAP/

datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/

kb.cert.org/vuls/id/855201

standards.ieee.org/ieee/802.1Q/10323/

standards.ieee.org/ieee/802.2/1048/

4.7 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

0.001 Low

EPSS

Percentile

39.4%

JSON

Related for NVD:CVE-2021-27861

cve1 redhatcve1 cvelist1 prion1 arista1 f51 cisco1 cert1