Lucene search

[email protected]NVD:CVE-2021-27862

HistorySep 27, 2022 - 7:15 p.m.

CVE-2021-27862

2022-09-2719:15:09

CWE-290

CWE-130

[email protected]

web.nvd.nist.gov

cve-2021-27862

network filtering bypass

llc/snap headers

ethernet to wifi

vlan0 headers

4.7 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

0.001 Low

EPSS

Percentile

32.3%

JSON

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).

Affected configurations

NVD

Node

ieeeieee_802.2Range≤802.2h-1997

Node

ietfp802.1qRange≤d1.0

References

blog.champtar.fr/VLAN0_LLC_SNAP/

datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/

kb.cert.org/vuls/id/855201

standards.ieee.org/ieee/802.2/1048/

4.7 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

0.001 Low

EPSS

Percentile

32.3%

JSON

Related for NVD:CVE-2021-27862

cve1 cvelist1 redhatcve1 prion1 cisco1 f51 arista1 cert1