vulnerability

Cisco IOS: CVE-2021-27861: Vulnerabilities in Layer 2 Network Security Controls Affecting Cisco Products: September 2022

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
3	(AV:A/AC:L/Au:N/C:N/I:P/A:N)	Sep 27, 2022	Jan 21, 2026	Jan 21, 2026

Severity

CVSS

(AV:A/AC:L/Au:N/C:N/I:P/A:N)

Published

Sep 27, 2022

Added

Jan 21, 2026

Modified

Jan 21, 2026

Description

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers)

Solution

cisco-ios-upgrade-latest

References

CVE-2021-27861
https://attackerkb.com/topics/CVE-2021-27861
URL-https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VU855201-J3z8CKTX
CISCO-cisco-sa-VU855201-J3z8CKTX
CWE-130
CWE-290

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today