/
/
CVE-2021-27861: CISCO

CVE-2021-27861: CISCO

Article
Profile Icon

Jason Franscisco

Title

CVE-2021-27861: CISCO

Tags

CISCO, IOS

CVE

CVE-2021-27861

NVD Description

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length(and optionally VLAN0 headers)

Exploit Available

True

Abused by Malware

False

You can find more insights and intelligence on this CVE at: https://vi.loginsoft.com/app/cve/CVE-2021-27861

Vulnerable Condition

To ascertain the vulnerable conditions and product versions deemed affected, issue the following commands and look for its associated as stated. If one more conditions matches then we can consider it as affected.

Command Instructions:
COMMAND:

show version

STDOUT:

Cisco IOS Software

COMMAND:

show version

STDOUT:

WS-C65[0-9]{2}

COMMAND:

show version

STDOUT:

WS-C68[0-9]{2}

COMMAND:

show version

STDOUT:

WS-C3650-[0-9]{1,2}

COMMAND:

show version

STDOUT:

WS-C3850-[0-9]{2}

COMMAND:

show version

STDOUT:

C9200[d]

COMMAND:

show version

STDOUT:

C9300[d]

COMMAND:

show version

STDOUT:

C9400[d]

COMMAND:

show version

STDOUT:

C9500[d]

COMMAND:

show version

STDOUT:

C9600[d]

Affected Versions:

15.5(01.01.85)SY07

15.2(07)E02

References:

https://standards.ieee.org/ieee/802.1Q/10323/

https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/

https://standards.ieee.org/ieee/802.2/1048/

https://blog.champtar.fr/VLAN0_LLC_SNAP/

https://kb.cert.org/vuls/id/855201

Get in touch with us to explore how our Security Content Suite can optimize vulnerability management for your needs.

Explore Cybersecurity Platforms

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros.

Learn more
white arrow pointing top right

About Loginsoft

For over 16 years, leading companies in Telecom, Cybersecurity, Healthcare, Banking, New Media and more have come to rely on Loginsoft as a trusted resource for technology talent. Whether Onsite, Offsite, or Offshore, we deliver.

Loginsoft is a leading Cybersecurity services company providing Security Advisory Research to generate metadata for vulnerabilities in Open source components, Discovering ZeroDay Vulnerabilities, Developing Vulnerability Detection signatures using MITRE OVAL Language.

Expertise in Integrations with Threat Intelligence and Security Products, integrated more than 200+ integrations with leading TIP, SIEM, SOAR and Ticketing Platforms such as Cortex XSOAR, Anomali, ThreatQ, Splunk, IBM QRadar, IBM Resilient, Microsoft Azure Sentinel, ServiceNow, Swimlane, Siemplify, MISP, Maltego, Cryptocurrency APIs with Digital Exchange Platforms, CISCO, Datadog, Symantec, Carbonblack, F5, Fortinet and so on.

Interested to learn more? Let’s start a conversation.

Book a meeting

IN-HOUSE EXPERTISE

Latest Articles

Get practical solutions to real-world challenges, straight from experts who conquered them.

View all our articles

Sign up to our Newsletter