vulnerability
Cisco IOS-XR: CVE-2021-27861: Vulnerabilities in Layer 2 Network Security Controls Affecting Cisco Products: September 2022
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 3 | (AV:A/AC:L/Au:N/C:N/I:P/A:N) | 2022-09-27 | 2022-09-30 | 2025-05-22 |
Severity
3
CVSS
(AV:A/AC:L/Au:N/C:N/I:P/A:N)
Published
2022-09-27
Added
2022-09-30
Modified
2025-05-22
Description
Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.
Solution
update-xros
References
- CVE-2021-27853
- https://attackerkb.com/topics/CVE-2021-27853
- CVE-2021-27854
- https://attackerkb.com/topics/CVE-2021-27854
- CVE-2021-27861
- https://attackerkb.com/topics/CVE-2021-27861
- CVE-2021-27862
- https://attackerkb.com/topics/CVE-2021-27862
- URL-https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VU855201-J3z8CKTX
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.