Vulnerability-Lookup

BDU:2022-05987

Vulnerability from fstec - Published: 27.09.2022

Title

Уязвимость реализации протокола инкапсуляции Ethernet, связанная с возможностью объединения заголовков, позволяющая нарушителю вызвать отказ в обслуживании или реализовать атаку «человек посередине» (MITM)

Description

Уязвимость реализации протокола инкапсуляции Ethernet связана с возможностью объединения заголовков. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании или реализовать атаку «человек посередине» (MITM)

Severity ?


                    
                      AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Vendor

Cisco Systems Inc., Juniper Networks Inc.

Software Name

NX-OS, Cisco IOS, Cisco IOS XE, MS390, MS210, MS225, MS250, MS350, MS355, MS410, MS420, MS425, MS450, Business 250 Series Smart Switches, Business 350 Series Managed Switches, Cisco 350X Series Managed Switches, Cisco Small Business 550X Series, JunOS

Software Version

- (NX-OS), - (Cisco IOS), - (Cisco IOS XE), - (MS390), - (MS210), - (MS225), - (MS250), - (MS350), - (MS355), - (MS410), - (MS420), - (MS425), - (MS450), - (Business 250 Series Smart Switches), - (Business 350 Series Managed Switches), - (Cisco 350X Series Managed Switches), - (Cisco Small Business 550X Series), до 21.2R3-S3 (JunOS), до 21.3R3-S1 (JunOS), до 21.4R2-S2 (JunOS), до 21.4R3 (JunOS), до 22.1R1-S2 (JunOS), до 22.1R2 (JunOS), до 22.1R3 (JunOS), до 22.2R2 (JunOS), до 22.3R1 (JunOS), до 22.1R3-EVO (JunOS), до 22.2R2-EVO (JunOS), до 22.3R1-EVO (JunOS), до 22.4R1-EVO (JunOS)

Possible Mitigations

Установка обновлений из доверенных источников. В связи со сложившейся обстановкой и введенными санкциями против Российской Федерации рекомендуется устанавливать обновления программного обеспечения только после оценки всех сопутствующих рисков. Компенсирующие меры: - настройка оборудования на отказ в приеме пакетов, для которых невозможно определить поле «Ethertype» с использованием списка контроля доступа ACL. Использование рекомендаций: https://kb.cert.org/vuls/id/855201 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VU855201-J3z8CKTX

Reference

https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/ https://standards.ieee.org/ieee/802.1Q/10323/ https://standards.ieee.org/ieee/802.2/1048/ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VU855201-J3z8CKTX https://kb.cert.org/vuls/id/855201 https://blog.champtar.fr/VLAN0_LLC_SNAP/

CWE

CWE-290

JSON

To clipboard

{
  "CVSS 2.0": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
  "CVSS 3.0": "AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc., Juniper Networks Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (NX-OS), - (Cisco IOS), - (Cisco IOS XE), - (MS390), - (MS210), - (MS225), - (MS250), - (MS350), - (MS355), - (MS410), - (MS420), - (MS425), - (MS450), - (Business 250 Series Smart Switches), - (Business 350 Series Managed Switches), - (Cisco 350X Series Managed Switches), - (Cisco Small Business 550X Series), \u0434\u043e 21.2R3-S3 (JunOS), \u0434\u043e 21.3R3-S1 (JunOS), \u0434\u043e 21.4R2-S2 (JunOS), \u0434\u043e 21.4R3 (JunOS), \u0434\u043e 22.1R1-S2 (JunOS), \u0434\u043e 22.1R2 (JunOS), \u0434\u043e 22.1R3 (JunOS), \u0434\u043e 22.2R2 (JunOS), \u0434\u043e 22.3R1 (JunOS), \u0434\u043e 22.1R3-EVO (JunOS), \u0434\u043e 22.2R2-EVO (JunOS), \u0434\u043e 22.3R1-EVO (JunOS), \u0434\u043e 22.4R1-EVO (JunOS)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432.\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u043e\u0442\u043a\u0430\u0437 \u0432 \u043f\u0440\u0438\u0435\u043c\u0435 \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c \u043f\u043e\u043b\u0435 \u00abEthertype\u00bb \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u043f\u0438\u0441\u043a\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 ACL.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://kb.cert.org/vuls/id/855201\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VU855201-J3z8CKTX",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "27.09.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "13.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "28.09.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-05987",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-27853",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "NX-OS, Cisco IOS, Cisco IOS XE, MS390, MS210, MS225, MS250, MS350, MS355, MS410, MS420, MS425, MS450, Business 250 Series Smart Switches, Business 350 Series Managed Switches, Cisco 350X Series Managed Switches, Cisco Small Business 550X Series, JunOS",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Cisco Systems Inc. NX-OS - Nexus 9000 Series in Standalone NX-OS Mode, Cisco Systems Inc. Cisco IOS - Cisco Catalyst 6500, Cisco Systems Inc. Cisco IOS - Cisco Catalyst 6800 Series, Cisco Systems Inc. Cisco IOS - Catalyst Digital Building Series Switches, Cisco Systems Inc. Cisco IOS - Industrial Ethernet Switches, Cisco Systems Inc. Cisco IOS - Micro Switches, Cisco Systems Inc. Cisco IOS XE - Cisco Catalyst 4500 Series, Cisco Systems Inc. Cisco IOS XE - IOS XE Switches, Cisco Systems Inc. NX-OS - Cisco Nexus 3000 Series, Cisco Systems Inc. NX-OS - Cisco Nexus 5500 Platform Switches, Cisco Systems Inc. NX-OS - Cisco Nexus 5600 Platform Switches, Cisco Systems Inc. NX-OS - Cisco Nexus 6000 Series Switches, Cisco Systems Inc. NX-OS - Cisco Nexus 7000 Series Switches, Juniper Networks Inc. JunOS \u0434\u043e 21.2R3-S3 , Juniper Networks Inc. JunOS \u0434\u043e 21.3R3-S1 , Juniper Networks Inc. JunOS \u0434\u043e 21.4R2-S2 , Juniper Networks Inc. JunOS \u0434\u043e 21.4R3 , Juniper Networks Inc. JunOS \u0434\u043e 22.1R1-S2 , Juniper Networks Inc. JunOS \u0434\u043e 22.1R2 , Juniper Networks Inc. JunOS \u0434\u043e 22.1R3 , Juniper Networks Inc. JunOS \u0434\u043e 22.2R2 , Juniper Networks Inc. JunOS \u0434\u043e 22.3R1 , Juniper Networks Inc. JunOS \u0434\u043e 22.1R3-EVO , Juniper Networks Inc. JunOS \u0434\u043e 22.2R2-EVO , Juniper Networks Inc. JunOS \u0434\u043e 22.3R1-EVO , Juniper Networks Inc. JunOS \u0434\u043e 22.4R1-EVO ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0438\u043d\u043a\u0430\u043f\u0441\u0443\u043b\u044f\u0446\u0438\u0438 Ethernet, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u0432, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u00ab\u0447\u0435\u043b\u043e\u0432\u0435\u043a \u043f\u043e\u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435\u00bb (MITM)",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0430 (CWE-290)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0438\u043d\u043a\u0430\u043f\u0441\u0443\u043b\u044f\u0446\u0438\u0438 Ethernet \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u00ab\u0447\u0435\u043b\u043e\u0432\u0435\u043a \u043f\u043e\u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435\u00bb (MITM)",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/\t\nhttps://standards.ieee.org/ieee/802.1Q/10323/\t\nhttps://standards.ieee.org/ieee/802.2/1048/\t\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VU855201-J3z8CKTX\nhttps://kb.cert.org/vuls/id/855201\nhttps://blog.champtar.fr/VLAN0_LLC_SNAP/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-290",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 3,3)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,7)"
}

CVE-2021-27853 (GCVE-0-2021-27853)

Vulnerability from cvelistv5 – Published: 2022-09-27 17:55 – Updated: 2025-11-04 19:12

Title

L2 network filtering can be bypassed using stacked VLAN0 and LLC/SNAP headers

Summary

Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.

Severity ?

4.7 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-290 - Authentication Bypass by Spoofing

Assigner

certcc

References

URL

Tags

	https://datatracker.ietf.org/doc/draft-ietf-v6ops…
	https://standards.ieee.org/ieee/802.2/1048/
	https://standards.ieee.org/ieee/802.1Q/10323/
	https://tools.cisco.com/security/center/content/C…	vendor-advisory
	https://kb.cert.org/vuls/id/855201
	https://blog.champtar.fr/VLAN0_LLC_SNAP/

Impacted products

Vendor

Product

Version

IEEE

802.2

Affected: 802.2h-1997 , ≤ 802.2h-1997 (custom)

	IETF	draft-ietf-v6ops-ra-guard	Affected: 08 , ≤ 08 (custom)
	IETF	P802.1Q	Affected: D1.0 , ≤ D1.0 (custom)

Date Public ?

2022-09-27 00:00

Credits

Etienne Champetier (@champtar) <champetier.etienne@gmail.com>

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:12:25.432Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://standards.ieee.org/ieee/802.2/1048/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://standards.ieee.org/ieee/802.1Q/10323/"
          },
          {
            "name": "20220927 Vulnerabilities in Layer 2 Network Security Controls Affecting Cisco Products: September 2022",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VU855201-J3z8CKTX"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.cert.org/vuls/id/855201"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.champtar.fr/VLAN0_LLC_SNAP/"
          },
          {
            "url": "https://www.kb.cert.org/vuls/id/855201"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "ADJACENT_NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 4.7,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-27853",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-21T15:26:49.324466Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-21T15:27:39.621Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "802.2",
          "vendor": "IEEE",
          "versions": [
            {
              "lessThanOrEqual": "802.2h-1997",
              "status": "affected",
              "version": "802.2h-1997",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "draft-ietf-v6ops-ra-guard",
          "vendor": "IETF",
          "versions": [
            {
              "lessThanOrEqual": "08",
              "status": "affected",
              "version": "08",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "P802.1Q",
          "vendor": "IETF",
          "versions": [
            {
              "lessThanOrEqual": "D1.0",
              "status": "affected",
              "version": "D1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Etienne Champetier (@champtar) \u003cchampetier.etienne@gmail.com\u003e"
        }
      ],
      "datePublic": "2022-09-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-290",
              "description": "CWE-290: Authentication Bypass by Spoofing",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-12T00:00:00.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "url": "https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/"
        },
        {
          "url": "https://standards.ieee.org/ieee/802.2/1048/"
        },
        {
          "url": "https://standards.ieee.org/ieee/802.1Q/10323/"
        },
        {
          "name": "20220927 Vulnerabilities in Layer 2 Network Security Controls Affecting Cisco Products: September 2022",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VU855201-J3z8CKTX"
        },
        {
          "url": "https://kb.cert.org/vuls/id/855201"
        },
        {
          "url": "https://blog.champtar.fr/VLAN0_LLC_SNAP/"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "L2 network filtering can be bypassed using stacked VLAN0 and LLC/SNAP headers"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2021-27853",
    "datePublished": "2022-09-27T17:55:09.203Z",
    "dateReserved": "2021-03-01T00:00:00.000Z",
    "dateUpdated": "2025-11-04T19:12:25.432Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2022-05987

CVE-2021-27853 (GCVE-0-2021-27853)

Tags

Sightings

Nomenclature