What is CVE-2021-27854?

CVE-2021-27854 is a vulnerability that allows bypassing layer 2 network filtering capabilities such as IPv6 RA guard using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.

What is the severity of CVE-2021-27854?

The severity of CVE-2021-27854 is medium with a severity value of 4.7.

What software is affected by CVE-2021-27854?

CVE-2021-27854 affects IEEE 802.2 with version up to and including 802.2h-1997, and IETF P802.1q with version up to and including d1.0.

How can I fix CVE-2021-27854?

To fix CVE-2021-27854, it is recommended to apply the necessary patches or updates provided by the respective vendors or software developers.

Vulnerability/
CVE-2021-27854

medium

4.7

CWE

290

27/9/2022

3/8/2024

CVE-2021-27854: L2 network filtering bypass using stacked VLAN0, LLC/SNAP headers, and Ethernet to Wifi frame translation

Q: How can CVE-2021-27854 be exploited?

CVE-2021-27854 can be exploited by using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse to bypass layer 2 network filtering capabilities such as IPv6 RA guard.

First published: Tue Sep 27 2022(Updated: )

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.

Credit: cret@cert.org

Affected Software	Affected Version	How to fix
Ieee Ieee 802.2	<=802.2h-1997
Ietf P802.1q	<=d1.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2021-27854?
CVE-2021-27854 is a vulnerability that allows bypassing layer 2 network filtering capabilities such as IPv6 RA guard using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.
What is the severity of CVE-2021-27854?
The severity of CVE-2021-27854 is medium with a severity value of 4.7.
How can CVE-2021-27854 be exploited?
CVE-2021-27854 can be exploited by using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse to bypass layer 2 network filtering capabilities such as IPv6 RA guard.
What software is affected by CVE-2021-27854?
CVE-2021-27854 affects IEEE 802.2 with version up to and including 802.2h-1997, and IETF P802.1q with version up to and including d1.0.
How can I fix CVE-2021-27854?
To fix CVE-2021-27854, it is recommended to apply the necessary patches or updates provided by the respective vendors or software developers.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/references
agent/title
agent/weakness
agent/severity
agent/last-modified-date
agent/author
agent/description
agent/first-publish-date
agent/event
agent/tags
agent/trending
vendor/ieee
canonical/ieee ieee 802.2
version/ieee ieee 802.2/802.2h-1997
vendor/ietf
canonical/ietf p802.1q
version/ietf p802.1q/d1.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.