Title
CVE-2021-27861: CISCO
Tags
CISCO, IOS
CVE
CVE-2021-27861
NVD Description
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length(and optionally VLAN0 headers)
Exploit Available
True
Abused by Malware
False
You can find more insights and intelligence on this CVE at: https://vi.loginsoft.com/app/cve/CVE-2021-27861
Vulnerable Condition
To ascertain the vulnerable conditions and product versions deemed affected, issue the following commands and look for its associated as stated. If one more conditions matches then we can consider it as affected.
Command Instructions:
COMMAND:
show version
STDOUT:
Cisco IOS Software
COMMAND:
show version
STDOUT:
WS-C65[0-9]{2}
COMMAND:
show version
STDOUT:
WS-C68[0-9]{2}
COMMAND:
show version
STDOUT:
WS-C3650-[0-9]{1,2}
COMMAND:
show version
STDOUT:
WS-C3850-[0-9]{2}
COMMAND:
show version
STDOUT:
C9200[d]
COMMAND:
show version
STDOUT:
C9300[d]
COMMAND:
show version
STDOUT:
C9400[d]
COMMAND:
show version
STDOUT:
C9500[d]
COMMAND:
show version
STDOUT:
C9600[d]
Affected Versions:
15.5(01.01.85)SY07
15.2(07)E02
References:
https://standards.ieee.org/ieee/802.1Q/10323/
https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/
https://standards.ieee.org/ieee/802.2/1048/
https://blog.champtar.fr/VLAN0_LLC_SNAP/
https://kb.cert.org/vuls/id/855201
Get in touch with us to explore how our Security Content Suite can optimize vulnerability management for your needs.
About Loginsoft
For over 20 years, leading companies in Telecom, Cybersecurity, Healthcare, Banking, New Media, and more have come to rely on Loginsoft as a trusted resource for technology talent. From startups, to product and enterprises rely on our services. Whether Onsite, Offsite, or Offshore, we deliver. With a track record of successful partnerships with leading technology companies globally, and specifically in the past 6 years with Cybersecurity product companies, Loginsoft offers a comprehensive range of security offerings, including Software Supply Chain, Vulnerability Management, Threat Intelligence, Cloud Security, Cybersecurity Platform Integrations, creating content packs for Cloud SIEM, Logs onboarding and more. Our commitment to innovation and expertise has positioned us as a trusted player in the cybersecurity space. Loginsoft continues to provide traditional IT services which include Software development & Support, QA automation, Data Science & AI, etc.
Expertise in Integrations with Threat Intelligence and Security Products: Built more than 250+ integrations with leading TIP, SIEM, SOAR, and Ticketing Platforms such as Cortex XSOAR, Anomali, ThreatQ, Splunk, IBM QRadar & Resilient, Microsoft Azure Sentinel, ServiceNow, Swimlane, Siemplify, MISP, Maltego, Cryptocurrency Digital Exchange Platforms, CISCO, Datadog, Symantec, Carbonblack, F5, Fortinet, and so on. Loginsoft is a partner with industry leading technology vendors Palo Alto, Splunk, Elastic, IBM Security, etc.
In addition, Loginsoft offers Research as a service: We're more than just experts in cybersecurity; we're your accredited in-house research team focused on unraveling the complexities of cybersecurity and future technologies. From Application Security to Threat Research, our seasoned professionals have cultivated expertise in every facet of the field. We've earned the trust of over 20 security platform companies, who count on our research and analysis to strengthen their cybersecurity solutions.
Interested to learn more? Let’s start a conversation.
