Improper access control in multiple Cisco products



Published: 2022-09-30 | Updated: 2022-12-12
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2021-27853
CWE-ID CWE-284
Exploitation vector Local network
Public exploit N/A
Vulnerable software
Subscribe 		Catalyst 6500 Series Switches
Other software / Other software solutions

Catalyst Digital Building Series Switches
Other software / Other software solutions

Cisco Catalyst 6800 Series Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Industrial Ethernet Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Micro Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Catalyst 4500 IOS-XE Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

IOS XE Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

IOS XE Routers configured with Ethernet virtual circuits
Hardware solutions / Routers & switches, VoIP, GSM, etc

IOS XR Routers configured with L2 Transport services
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Meraki MS390
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Merak MS210
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Merak MS225
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Merak MS250
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Merak MS350
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Merak MS355
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Merak MS410
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Merak MS420
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Merak MS425
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Merak MS450
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Nexus 3000 Series Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Nexus 5500 Platform Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Nexus 5600 Platform Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Nexus 6000 Series Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Nexus 7000 Series Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco Nexus 9000 Series Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco 250 Series Smart Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco 350 Series Managed Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco 350X Series Stackable Managed Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco 550X Series Stackable Managed Switches
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor Cisco Systems, Inc

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Improper access control

EUVDB-ID: #VU67768

Risk: Low

CVSSv3.1: 4.1 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-27853

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in the Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection. A remote attacker on the local network can bypass the FHS feature on the target device.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Catalyst 6500 Series Switches: All versions

Cisco Catalyst 6800 Series Switches: All versions

Catalyst Digital Building Series Switches: All versions

Industrial Ethernet Switches: All versions

Micro Switches: All versions

Catalyst 4500 IOS-XE Switches: All versions

IOS XE Switches: 17.3.3 - Bengaluru-17.6.1

IOS XE Routers configured with Ethernet virtual circuits: All versions

IOS XR Routers configured with L2 Transport services: All versions

Cisco Meraki MS390: All versions

Cisco Merak MS210: All versions

Cisco Merak MS225: All versions

Cisco Merak MS250: All versions

Cisco Merak MS350: All versions

Cisco Merak MS355: All versions

Cisco Merak MS410: All versions

Cisco Merak MS420: All versions

Cisco Merak MS425: All versions

Cisco Merak MS450: All versions

Cisco Nexus 3000 Series Switches: All versions

Nexus 5500 Platform Switches: All versions

Nexus 5600 Platform Switches: All versions

Nexus 6000 Series Switches: All versions

Nexus 7000 Series Switches: All versions

Cisco Nexus 9000 Series Switches: All versions

Cisco 250 Series Smart Switches: All versions

Cisco 350 Series Managed Switches: All versions

Cisco 350X Series Stackable Managed Switches: All versions

Cisco 550X Series Stackable Managed Switches: All versions

External links

http://blog.champtar.fr/VLAN0_LLC_SNAP/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###