Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU67769
Risk: Low
CVSSv3.1: 4.3 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-27861
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to insufficient validation of SNAP/LLC Ethernet frames. A remote attacker on the local network can bypass the FHS feature of the target device.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsCatalyst 6500 Series Switches: All versions
Cisco Catalyst 6800 Series Switches: All versions
Catalyst Digital Building Series Switches: All versions
Micro Switches: All versions
IOS XR Routers configured with L2 Transport services: All versions
Cisco Merak MS210: All versions
Cisco Merak MS225: All versions
Cisco Merak MS250: All versions
Cisco Merak MS350: All versions
Cisco Merak MS355: All versions
Cisco Merak MS410: All versions
Cisco Merak MS420: All versions
Cisco Merak MS425: All versions
Cisco Merak MS450: All versions
Cisco Nexus 3000 Series Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5600 Platform Switches: All versions
Nexus 6000 Series Switches: All versions
Nexus 7000 Series Switches: All versions
Cisco Nexus 9000 Series Switches: All versions
Cisco 250 Series Smart Switches: All versions
Cisco 350 Series Managed Switches: All versions
Cisco 350X Series Stackable Managed Switches: All versions
Cisco 550X Series Stackable Managed Switches: All versions
External linkshttp://blog.champtar.fr/VLAN0_LLC_SNAP/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.