vulnerability

Cisco XE: CVE-2021-27853: Vulnerabilities in Layer 2 Network Security Controls Affecting Cisco Products: September 2022

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
3	(AV:A/AC:L/Au:N/C:N/I:P/A:N)	Sep 27, 2022	Oct 17, 2025	Oct 17, 2025

Severity

CVSS

(AV:A/AC:L/Au:N/C:N/I:P/A:N)

Published

Sep 27, 2022

Added

Oct 17, 2025

Modified

Oct 17, 2025

Description

Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.

Solution

cisco-xe-update-latest

References

CVE-2021-27853
https://attackerkb.com/topics/CVE-2021-27853
URL-https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VU855201-J3z8CKTX
CISCO-cisco-sa-VU855201-J3z8CKTX
CWE-290

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today