Vulnerability identifier: #VU67768
Vulnerability risk: Low
CVSSv3.1: 4.1 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-284
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
Catalyst 6500 Series Switches
Other software /
Other software solutions
Catalyst Digital Building Series Switches
Other software /
Other software solutions
Cisco Catalyst 6800 Series Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Industrial Ethernet Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Micro Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Catalyst 4500 IOS-XE Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
IOS XE Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
IOS XE Routers configured with Ethernet virtual circuits
Hardware solutions /
Routers & switches, VoIP, GSM, etc
IOS XR Routers configured with L2 Transport services
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco Meraki MS390
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco Merak MS210
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco Merak MS225
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco Merak MS250
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco Merak MS350
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco Merak MS355
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco Merak MS410
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco Merak MS420
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco Merak MS425
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco Merak MS450
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco Nexus 3000 Series Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Nexus 5500 Platform Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Nexus 5600 Platform Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Nexus 6000 Series Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Nexus 7000 Series Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco Nexus 9000 Series Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco 250 Series Smart Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco 350 Series Managed Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco 350X Series Stackable Managed Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco 550X Series Stackable Managed Switches
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in the Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection. A remote attacker on the local network can bypass the FHS feature on the target device.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Catalyst 6500 Series Switches: All versions
Cisco Catalyst 6800 Series Switches: All versions
Catalyst Digital Building Series Switches: All versions
Industrial Ethernet Switches: All versions
Micro Switches: All versions
Catalyst 4500 IOS-XE Switches: All versions
IOS XE Switches: 17.3.3 - Bengaluru-17.6.1
IOS XE Routers configured with Ethernet virtual circuits: All versions
IOS XR Routers configured with L2 Transport services: All versions
Cisco Meraki MS390: All versions
Cisco Merak MS210: All versions
Cisco Merak MS225: All versions
Cisco Merak MS250: All versions
Cisco Merak MS350: All versions
Cisco Merak MS355: All versions
Cisco Merak MS410: All versions
Cisco Merak MS420: All versions
Cisco Merak MS425: All versions
Cisco Merak MS450: All versions
Cisco Nexus 3000 Series Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5600 Platform Switches: All versions
Nexus 6000 Series Switches: All versions
Nexus 7000 Series Switches: All versions
Cisco Nexus 9000 Series Switches: All versions
Cisco 250 Series Smart Switches: All versions
Cisco 350 Series Managed Switches: All versions
Cisco 350X Series Stackable Managed Switches: All versions
Cisco 550X Series Stackable Managed Switches: All versions
External links
http://blog.champtar.fr/VLAN0_LLC_SNAP/
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.