#VU67769 Improper access control in Cisco Systems, Inc products - CVE-2021-27861

Vulnerability identifier: #VU67769

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2021-27861

CWE-ID: CWE-284

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
Catalyst 6500 Series Switches
Catalyst Digital Building Series Switches
Cisco Catalyst 6800 Series Switches
Micro Switches
IOS XR Routers configured with L2 Transport services
Cisco Merak MS210
Cisco Merak MS225
Cisco Merak MS250
Cisco Merak MS350
Cisco Merak MS355
Cisco Merak MS410
Cisco Merak MS420
Cisco Merak MS425
Cisco Merak MS450
Cisco Nexus 3000 Series Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Cisco Nexus 9000 Series Switches
Cisco 250 Series Smart Switches
Cisco 350 Series Managed Switches
Cisco 350X Series Stackable Managed Switches
Cisco 550X Series Stackable Managed Switches

Software vendor:
Cisco Systems, Inc

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to insufficient validation of SNAP/LLC Ethernet frames. A remote attacker on the local network can bypass the FHS feature of the target device.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

• https://blog.champtar.fr/VLAN0_LLC_SNAP/