Vulnerability identifier: #VU67769
Vulnerability risk: Low
CVSSv3.1: 4.3 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID:
CWE-ID: CWE-284
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
Catalyst 6500 Series Switches
Catalyst Digital Building Series Switches
Cisco Catalyst 6800 Series Switches
Micro Switches
IOS XR Routers configured with L2 Transport services
Cisco Meraki MS210
Cisco Meraki MS225
Cisco Meraki MS250
Cisco Meraki MS350
Cisco Meraki MS355
Cisco Meraki MS410
Cisco Meraki MS420
Cisco Meraki MS425
Cisco Meraki MS450
Cisco Nexus 3000 Series Switches
Nexus 5500 Platform Switches
Nexus 5600 Platform Switches
Nexus 6000 Series Switches
Nexus 7000 Series Switches
Cisco Nexus 9000 Series Switches
Cisco 250 Series Smart Switches
Cisco 350 Series Managed Switches
Cisco 350X Series Stackable Managed Switches
Cisco 550X Series Stackable Managed Switches
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to insufficient validation of SNAP/LLC Ethernet frames. A remote attacker on the local network can bypass the First Hop Security (FHS) feature of the target device.
Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versions
Catalyst 6500 Series Switches: All versions
Cisco Catalyst 6800 Series Switches: All versions
Catalyst Digital Building Series Switches: All versions
Micro Switches: All versions
IOS XR Routers configured with L2 Transport services: All versions
Cisco Meraki MS210: All versions
Cisco Meraki MS225: All versions
Cisco Meraki MS250: All versions
Cisco Meraki MS350: All versions
Cisco Meraki MS355: All versions
Cisco Meraki MS410: All versions
Cisco Meraki MS420: All versions
Cisco Meraki MS425: All versions
Cisco Meraki MS450: All versions
Cisco Nexus 3000 Series Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5600 Platform Switches: All versions
Nexus 6000 Series Switches: All versions
Nexus 7000 Series Switches: All versions
Cisco Nexus 9000 Series Switches: All versions
Cisco 250 Series Smart Switches: All versions
Cisco 350 Series Managed Switches: All versions
Cisco 350X Series Stackable Managed Switches: All versions
Cisco 550X Series Stackable Managed Switches: All versions
External links
http://blog.champtar.fr/VLAN0_LLC_SNAP/
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.