medium
4.7
CWE
290
Advisory Published
Updated

CVE-2021-27853: L2 network filtering can be bypassed using stacked VLAN0 and LLC/SNAP headers

First published: Tue Sep 27 2022(Updated: )

Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.

Credit: cret@cert.org

Affected SoftwareAffected VersionHow to fix
Ieee Ieee 802.2<=802.2h-1997
Ietf P802.1q<=d1.0
Cisco Catalyst 6503-e Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst 6503-e
Cisco Catalyst 6504-e Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst 6504-e
Cisco Catalyst 6506-e Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst 6506-e
Cisco Catalyst 6509-e Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst 6509-e
Cisco Catalyst 6509-neb-a Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst 6509-neb-a
Cisco Catalyst 6509-v-e Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst 6509-v-e
Cisco Catalyst 6513-e Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst 6513-e
Cisco Catalyst 6807-xl Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst 6807-xl
Cisco Catalyst 6840-x Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst 6840-x
Cisco Catalyst 6880-x Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst 6880-x
Cisco Catalyst C6816-x-le Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst C6816-x-le
Cisco Catalyst C6824-x-le-40g Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst C6824-x-le-40g
Cisco Catalyst C6832-x-le Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst C6832-x-le
Cisco Catalyst C6840-x-le-40g Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst C6840-x-le-40g
Cisco Catalyst 6800ia Firmware=15.5\(01.01.85\)sy07
Cisco Catalyst 6800ia
Cisco IOS XE=17.3.3
Cisco IOS XE=15.2\(07\)e02
Cisco IOS XE=15.2\(07\)e03
Cisco IOS XE=17.4.1
Cisco IOS XE=17.6.1
Cisco Catalyst 3650-12x48fd-e
Cisco Catalyst 3650-12x48fd-l
Cisco Catalyst 3650-12x48fd-s
Cisco Catalyst 3650-12x48uq-e
Cisco Catalyst 3650-12x48uq-l
Cisco Catalyst 3650-12x48uq-s
Cisco Catalyst 3650-12x48ur-e
Cisco Catalyst 3650-12x48ur-l
Cisco Catalyst 3650-12x48ur-s
Cisco Catalyst 3650-12x48uz-e
Cisco Catalyst 3650-12x48uz-l
Cisco Catalyst 3650-12x48uz-s
Cisco Catalyst 3650-24pd-e
Cisco Catalyst 3650-24pd-l
Cisco Catalyst 3650-24pd-s
Cisco Catalyst 3650-24pdm-e
Cisco Catalyst 3650-24pdm-l
Cisco Catalyst 3650-24pdm-s
Cisco Catalyst 3650-24ps-e
Cisco Catalyst 3650-24ps-l
Cisco Catalyst 3650-24ps-s
Cisco Catalyst 3650-24td-e
Cisco Catalyst 3650-24td-l
Cisco Catalyst 3650-24td-s
Cisco Catalyst 3650-24ts-e
Cisco Catalyst 3650-24ts-l
Cisco Catalyst 3650-24ts-s
Cisco Catalyst 3650-48fd-e
Cisco Catalyst 3650-48fd-l
Cisco Catalyst 3650-48fd-s
Cisco Catalyst 3650-48fq-e
Cisco Catalyst 3650-48fq-l
Cisco Catalyst 3650-48fq-s
Cisco Catalyst 3650-48fqm-e
Cisco Catalyst 3650-48fqm-l
Cisco Catalyst 3650-48fqm-s
Cisco Catalyst 3650-48fs-e
Cisco Catalyst 3650-48fs-l
Cisco Catalyst 3650-48fs-s
Cisco Catalyst 3650-48pd-e
Cisco Catalyst 3650-48pd-l
Cisco Catalyst 3650-48pd-s
Cisco Catalyst 3650-48pq-e
Cisco Catalyst 3650-48pq-l
Cisco Catalyst 3650-48pq-s
Cisco Catalyst 3650-48ps-e
Cisco Catalyst 3650-48ps-l
Cisco Catalyst 3650-48ps-s
Cisco Catalyst 3650-48td-e
Cisco Catalyst 3650-48td-l
Cisco Catalyst 3650-48td-s
Cisco Catalyst 3650-48tq-e
Cisco Catalyst 3650-48tq-l
Cisco Catalyst 3650-48tq-s
Cisco Catalyst 3650-48ts-e
Cisco Catalyst 3650-48ts-l
Cisco Catalyst 3650-48ts-s
Cisco Catalyst 3650-8x24pd-e
Cisco Catalyst 3650-8x24pd-l
Cisco Catalyst 3650-8x24pd-s
Cisco Catalyst 3650-8x24uq-e
Cisco Catalyst 3650-8x24uq-l
Cisco Catalyst 3650-8x24uq-s
Cisco Catalyst 3850-12s-e
Cisco Catalyst 3850-12s-s
Cisco Catalyst 3850-12xs-e
Cisco Catalyst 3850-12xs-s
Cisco Catalyst 3850-16xs-e
Cisco Catalyst 3850-16xs-s
Cisco Catalyst 3850-24p-e
Cisco Catalyst 3850-24p-l
Cisco Catalyst 3850-24pw-s
Cisco Catalyst 3850-24s-e
Cisco Catalyst 3850-24s-s
Cisco Catalyst 3850-24t-e
Cisco Catalyst 3850-24t-l
Cisco Catalyst 3850-24t-s
Cisco Catalyst 3850-24u-e
Cisco Catalyst 3850-24u-l
Cisco Catalyst 3850-24u-s
Cisco Catalyst 3850-24xs-e
Cisco Catalyst 3850-24xs-s
Cisco Catalyst 3850-24xu-e
Cisco Catalyst 3850-24xu-l
Cisco Catalyst 3850-24xu-s
Cisco Catalyst 3850-32xs-e
Cisco Catalyst 3850-32xs-s
Cisco Catalyst 3850-48f-e
Cisco Catalyst 3850-48f-l
Cisco Catalyst 3850-48f-s
Cisco Catalyst 3850-48p-e
Cisco Catalyst 3850-48p-l
Cisco Catalyst 3850-48p-s
Cisco Catalyst 3850-48pw-s
Cisco Catalyst 3850-48t-e
Cisco Catalyst 3850-48t-l
Cisco Catalyst 3850-48t-s
Cisco Catalyst 3850-48u-e
Cisco Catalyst 3850-48u-l
Cisco Catalyst 3850-48u-s
Cisco Catalyst 3850-48xs-e
Cisco Catalyst 3850-48xs-f-e
Cisco Catalyst 3850-48xs-f-s
Cisco Catalyst 3850-48xs-s
Cisco Catalyst 9200
Cisco Catalyst 9200cx
Cisco Catalyst 9200l
Cisco Catalyst 9300
Cisco Catalyst 9300l
Cisco Catalyst 9300lm
Cisco Catalyst 9300x
Cisco Catalyst 9400
Cisco Catalyst 9500
Cisco Catalyst 9500h
Cisco Catalyst 9600
Cisco Catalyst 9600x
Cisco Catalyst C3850-12x48u-e
Cisco Catalyst C3850-12x48u-l
Cisco Catalyst C3850-12x48u-s
Cisco Meraki Ms390 Firmware
Cisco Meraki Ms390
Cisco Meraki Ms210 Firmware
Cisco Meraki Ms210
Cisco Meraki Ms225 Firmware
Cisco Meraki Ms225
Cisco Meraki Ms250 Firmware
Cisco Meraki Ms250
Cisco Meraki Ms350 Firmware
Cisco Meraki Ms350
Cisco Meraki Ms355 Firmware
Cisco Meraki Ms355
Cisco Meraki Ms410 Firmware
Cisco Meraki Ms410
Cisco Meraki Ms420 Firmware
Cisco Meraki Ms420
Cisco Meraki Ms425 Firmware
Cisco Meraki Ms425
Cisco Meraki Ms450 Firmware
Cisco Meraki Ms450
Cisco Nexus 93180yc-ex Firmware=9.3\(5\)
Cisco Nexus 93180yc-ex
Cisco Nexus 93180yc-fx Firmware=9.3\(5\)
Cisco Nexus 93180yc-fx
Cisco Nexus 93180yc-fx3 Firmware=9.3\(5\)
Cisco Nexus 93180yc-fx3
Cisco Nexus 93240yc-fx2 Firmware=9.3\(5\)
Cisco Nexus 93240yc-fx2
Cisco Nexus 93360yc-fx2 Firmware=9.3\(5\)
Cisco Nexus 93360yc-fx2
Cisco Nexus 93120tx Firmware=9.3\(5\)
Cisco Nexus 93120tx
Cisco Nexus 93108tc-ex Firmware=9.3\(5\)
Cisco Nexus 93108tc-ex
Cisco Nexus 9348gc-fxp Firmware=9.3\(5\)
Cisco Nexus 9348gc-fxp
Cisco Nexus 93108tc-fx Firmware=9.3\(5\)
Cisco Nexus 93108tc-fx
Cisco Nexus 93108tc-fx3p Firmware=9.3\(5\)
Cisco Nexus 93108tc-fx3p
Cisco Nexus 93216tc-fx2 Firmware=9.3\(5\)
Cisco Nexus 93216tc-fx2
Cisco N9k-c9316d-gx Firmware=9.3\(5\)
Cisco N9k-c9316d-gx
Cisco N9k-c93600cd-gx Firmware=9.3\(5\)
Cisco N9k-c93600cd-gx
Cisco N9k-c9332d-gx2b Firmware=9.3\(5\)
Cisco N9k-c9332d-gx2b
Cisco N9k-c9348d-gx2a Firmware=9.3\(5\)
Cisco N9k-c9348d-gx2a
Cisco N9k-c9364d-gx2a Firmware=9.3\(5\)
Cisco N9k-c9364d-gx2a
Cisco N9k-x97160yc-ex Firmware=9.3\(5\)
Cisco N9k-x97160yc-ex
Cisco N9k-x9788tc-fx Firmware=9.3\(5\)
Cisco N9k-x9788tc-fx
Cisco N9k-x9564px Firmware=9.3\(5\)
Cisco N9k-x9564px
Cisco N9k-x9464px Firmware=9.3\(5\)
Cisco N9k-x9464px
Cisco N9k-x9564tx Firmware=9.3\(5\)
Cisco N9k-x9564tx
Cisco N9k-x9464tx2 Firmware=9.3\(5\)
Cisco N9k-x9464tx2
Cisco Nexus 9636pq Firmware=9.3\(5\)
Cisco Nexus 9636pq
Cisco Nexus X9636q-r Firmware=9.3\(5\)
Cisco Nexus X9636q-r
Cisco Nexus 9536pq Firmware=9.3\(5\)
Cisco Nexus 9536pq
Cisco Nexus 9432pq Firmware=9.3\(5\)
Cisco Nexus 9432pq
Cisco Nexus 9736pq Firmware=9.3\(5\)
Cisco Nexus 9736pq
Cisco N9k-x9736c-fx Firmware=9.3\(5\)
Cisco N9k-x9736c-fx
Cisco N9k-x9732c-ex Firmware=9.3\(5\)
Cisco N9k-x9732c-ex
Cisco N9k-x9732c-fx Firmware=9.3\(5\)
Cisco N9k-x9732c-fx
Cisco N9k-x9736c-ex Firmware=9.3\(5\)
Cisco N9k-x9736c-ex
Cisco N9k-x9636c-rx Firmware=9.3\(5\)
Cisco N9k-x9636c-rx
Cisco N9k-x9636c-r Firmware=9.3\(5\)
Cisco N9k-x9636c-r
Cisco N9k-x9432c-s Firmware=9.3\(5\)
Cisco N9k-x9432c-s
Cisco Nexus 9716d-gx Firmware=9.3\(5\)
Cisco Nexus 9716d-gx
Cisco Nexus 9504 Firmware=9.3\(5\)
Cisco Nexus 9504
Cisco Nexus 9508 Firmware=9.3\(5\)
Cisco Nexus 9508
Cisco Nexus 9516 Firmware=9.3\(5\)
Cisco Nexus 9516
Cisco Nexus 92160yc-x Firmware=9.3\(5\)
Cisco Nexus 92160yc-x
Cisco Nexus 9272q Firmware=9.3\(5\)
Cisco Nexus 9272q
Cisco Nexus 92304qc Firmware=9.3\(5\)
Cisco Nexus 92304qc
Cisco Nexus 9236c Firmware=9.3\(5\)
Cisco Nexus 9236c
Cisco Nexus 92300yc Firmware=9.3\(5\)
Cisco Nexus 92300yc
Cisco Nexus 92348gc-x Firmware=9.3\(5\)
Cisco Nexus 92348gc-x
Cisco Nexus 9364c Firmware=9.3\(5\)
Cisco Nexus 9364c
Cisco Nexus 9336c-fx2 Firmware=9.3\(5\)
Cisco Nexus 9336c-fx2
Cisco Nexus 9336c-fx2-e Firmware=9.3\(5\)
Cisco Nexus 9336c-fx2-e
Cisco Nexus 9332c Firmware=9.3\(5\)
Cisco Nexus 9332c
Cisco Nexus 9364c-gx Firmware=9.3\(5\)
Cisco Nexus 9364c-gx
Cisco Nexus 9800 Firmware=9.3\(5\)
Cisco Nexus 9800
Cisco Sf500-24 Firmware=3.0.0.61
Cisco Sf500-24
Cisco Sf-500-24mp Firmware=3.0.0.61
Cisco Sf-500-24mp
Cisco Sf500-24p Firmware=3.0.0.61
Cisco Sf500-24p
Cisco Sf500-48 Firmware=3.0.0.61
Cisco Sf500-48
Cisco Sf500-48mp Firmware=3.0.0.61
Cisco Sf500-48mp
Cisco Sf500-18p Firmware=3.0.0.61
Cisco Sf500-18p
Cisco Sg500-28 Firmware=3.0.0.61
Cisco Sg500-28
Cisco Sg500-28mpp Firmware=3.0.0.61
Cisco Sg500-28mpp
Cisco Sg500-28p Firmware=3.0.0.61
Cisco Sg500-28p
Cisco Sg500-52 Firmware=3.0.0.61
Cisco Sg500-52
Cisco Sg500-52mp Firmware=3.0.0.61
Cisco Sg500-52mp
Cisco Sg500-52p Firmware=3.0.0.61
Cisco Sg500-52p
Cisco Sg500x-24 Firmware=3.0.0.61
Cisco Sg500x-24
Cisco Sg500x-24mpp Firmware=3.0.0.61
Cisco Sg500x-24mpp
Cisco Sg500x-24p Firmware=3.0.0.61
Cisco Sg500x-24p
Cisco Sg500x-48 Firmware=3.0.0.61
Cisco Sg500x-48
Cisco Sg500x-48mpp Firmware=3.0.0.61
Cisco Sg500x-48mpp
Cisco Sg500x-48p Firmware=3.0.0.61
Cisco Sg500x-48p

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203