CVE-2021-27853

MEDIUM
Published Sep 27, 20223y ago · Modified Jun 17, 20261w ago
4.7 CVSS 3.1
Medium
Find Similar
Published Sep 27, 2022 3y ago
Last Modified Jun 17, 2026 1w ago

Description

Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.

CVSS Details

Base Score
4.7
Exploitability
2.8
Impact
1.4
Vector string
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Attack Vector Adjacent
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Changed
Confidentiality None
Integrity Low
Availability None

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-290

Affected Products 312

VendorProductVersionRange
ieeeieee_802.2* ≤802.2h-1997
ietfp802.1q* ≤d1.0
ciscocatalyst_6503-e_firmware15.5\(01.01.85\)sy07any
ciscocatalyst_6503-e*any
ciscocatalyst_6504-e_firmware15.5\(01.01.85\)sy07any
ciscocatalyst_6504-e*any
ciscocatalyst_6506-e_firmware15.5\(01.01.85\)sy07any
ciscocatalyst_6506-e*any
ciscocatalyst_6509-e_firmware15.5\(01.01.85\)sy07any
ciscocatalyst_6509-e*any
ciscocatalyst_6509-neb-a_firmware15.5\(01.01.85\)sy07any
ciscocatalyst_6509-neb-a*any
ciscocatalyst_6509-v-e_firmware15.5\(01.01.85\)sy07any
ciscocatalyst_6509-v-e*any
ciscocatalyst_6513-e_firmware15.5\(01.01.85\)sy07any
ciscocatalyst_6513-e*any
ciscocatalyst_6807-xl_firmware15.5\(01.01.85\)sy07any
ciscocatalyst_6807-xl*any
ciscocatalyst_6840-x_firmware15.5\(01.01.85\)sy07any
ciscocatalyst_6840-x*any
ciscocatalyst_6880-x_firmware15.5\(01.01.85\)sy07any
ciscocatalyst_6880-x*any
ciscocatalyst_c6816-x-le_firmware15.5\(01.01.85\)sy07any
ciscocatalyst_c6816-x-le*any
ciscocatalyst_c6824-x-le-40g_firmware15.5\(01.01.85\)sy07any
ciscocatalyst_c6824-x-le-40g*any
ciscocatalyst_c6832-x-le_firmware15.5\(01.01.85\)sy07any
ciscocatalyst_c6832-x-le*any
ciscocatalyst_c6840-x-le-40g_firmware15.5\(01.01.85\)sy07any
ciscocatalyst_c6840-x-le-40g*any
ciscocatalyst_6800ia_firmware15.5\(01.01.85\)sy07any
ciscocatalyst_6800ia*any
ciscoios_xe17.3.3any
ciscoios_xe15.2\(07\)e02any
ciscoios_xe15.2\(07\)e03any
ciscoios_xe17.4.1any
ciscoios_xe17.6.1any
ciscocatalyst_3650-12x48fd-e*any
ciscocatalyst_3650-12x48fd-l*any
ciscocatalyst_3650-12x48fd-s*any
ciscocatalyst_3650-12x48uq-e*any
ciscocatalyst_3650-12x48uq-l*any
ciscocatalyst_3650-12x48uq-s*any
ciscocatalyst_3650-12x48ur-e*any
ciscocatalyst_3650-12x48ur-l*any
ciscocatalyst_3650-12x48ur-s*any
ciscocatalyst_3650-12x48uz-e*any
ciscocatalyst_3650-12x48uz-l*any
ciscocatalyst_3650-12x48uz-s*any
ciscocatalyst_3650-24pd-e*any
ciscocatalyst_3650-24pd-l*any
ciscocatalyst_3650-24pd-s*any
ciscocatalyst_3650-24pdm-e*any
ciscocatalyst_3650-24pdm-l*any
ciscocatalyst_3650-24pdm-s*any
ciscocatalyst_3650-24ps-e*any
ciscocatalyst_3650-24ps-l*any
ciscocatalyst_3650-24ps-s*any
ciscocatalyst_3650-24td-e*any
ciscocatalyst_3650-24td-l*any
ciscocatalyst_3650-24td-s*any
ciscocatalyst_3650-24ts-e*any
ciscocatalyst_3650-24ts-l*any
ciscocatalyst_3650-24ts-s*any
ciscocatalyst_3650-48fd-e*any
ciscocatalyst_3650-48fd-l*any
ciscocatalyst_3650-48fd-s*any
ciscocatalyst_3650-48fq-e*any
ciscocatalyst_3650-48fq-l*any
ciscocatalyst_3650-48fq-s*any
ciscocatalyst_3650-48fqm-e*any
ciscocatalyst_3650-48fqm-l*any
ciscocatalyst_3650-48fqm-s*any
ciscocatalyst_3650-48fs-e*any
ciscocatalyst_3650-48fs-l*any
ciscocatalyst_3650-48fs-s*any
ciscocatalyst_3650-48pd-e*any
ciscocatalyst_3650-48pd-l*any
ciscocatalyst_3650-48pd-s*any
ciscocatalyst_3650-48pq-e*any
ciscocatalyst_3650-48pq-l*any
ciscocatalyst_3650-48pq-s*any
ciscocatalyst_3650-48ps-e*any
ciscocatalyst_3650-48ps-l*any
ciscocatalyst_3650-48ps-s*any
ciscocatalyst_3650-48td-e*any
ciscocatalyst_3650-48td-l*any
ciscocatalyst_3650-48td-s*any
ciscocatalyst_3650-48tq-e*any
ciscocatalyst_3650-48tq-l*any
ciscocatalyst_3650-48tq-s*any
ciscocatalyst_3650-48ts-e*any
ciscocatalyst_3650-48ts-l*any
ciscocatalyst_3650-48ts-s*any
ciscocatalyst_3650-8x24pd-e*any
ciscocatalyst_3650-8x24pd-l*any
ciscocatalyst_3650-8x24pd-s*any
ciscocatalyst_3650-8x24uq-e*any
ciscocatalyst_3650-8x24uq-l*any
ciscocatalyst_3650-8x24uq-s*any
ciscocatalyst_3850-12s-e*any
ciscocatalyst_3850-12s-s*any
ciscocatalyst_3850-12xs-e*any
ciscocatalyst_3850-12xs-s*any
ciscocatalyst_3850-16xs-e*any
ciscocatalyst_3850-16xs-s*any
ciscocatalyst_3850-24p-e*any
ciscocatalyst_3850-24p-l*any
ciscocatalyst_3850-24pw-s*any
ciscocatalyst_3850-24s-e*any
ciscocatalyst_3850-24s-s*any
ciscocatalyst_3850-24t-e*any
ciscocatalyst_3850-24t-l*any
ciscocatalyst_3850-24t-s*any
ciscocatalyst_3850-24u-e*any
ciscocatalyst_3850-24u-l*any
ciscocatalyst_3850-24u-s*any
ciscocatalyst_3850-24xs-e*any
ciscocatalyst_3850-24xs-s*any
ciscocatalyst_3850-24xu-e*any
ciscocatalyst_3850-24xu-l*any
ciscocatalyst_3850-24xu-s*any
ciscocatalyst_3850-32xs-e*any
ciscocatalyst_3850-32xs-s*any
ciscocatalyst_3850-48f-e*any
ciscocatalyst_3850-48f-l*any
ciscocatalyst_3850-48f-s*any
ciscocatalyst_3850-48p-e*any
ciscocatalyst_3850-48p-l*any
ciscocatalyst_3850-48p-s*any
ciscocatalyst_3850-48pw-s*any
ciscocatalyst_3850-48t-e*any
ciscocatalyst_3850-48t-l*any
ciscocatalyst_3850-48t-s*any
ciscocatalyst_3850-48u-e*any
ciscocatalyst_3850-48u-l*any
ciscocatalyst_3850-48u-s*any
ciscocatalyst_3850-48xs-e*any
ciscocatalyst_3850-48xs-f-e*any
ciscocatalyst_3850-48xs-f-s*any
ciscocatalyst_3850-48xs-s*any
ciscocatalyst_9200*any
ciscocatalyst_9200cx*any
ciscocatalyst_9200l*any
ciscocatalyst_9300*any
ciscocatalyst_9300l*any
ciscocatalyst_9300lm*any
ciscocatalyst_9300x*any
ciscocatalyst_9400*any
ciscocatalyst_9500*any
ciscocatalyst_9500h*any
ciscocatalyst_9600*any
ciscocatalyst_9600x*any
ciscocatalyst_c3850-12x48u-e*any
ciscocatalyst_c3850-12x48u-l*any
ciscocatalyst_c3850-12x48u-s*any
ciscomeraki_ms390_firmware*any
ciscomeraki_ms390*any
ciscomeraki_ms210_firmware*any
ciscomeraki_ms210*any
ciscomeraki_ms225_firmware*any
ciscomeraki_ms225*any
ciscomeraki_ms250_firmware*any
ciscomeraki_ms250*any
ciscomeraki_ms350_firmware*any
ciscomeraki_ms350*any
ciscomeraki_ms355_firmware*any
ciscomeraki_ms355*any
ciscomeraki_ms410_firmware*any
ciscomeraki_ms410*any
ciscomeraki_ms420_firmware*any
ciscomeraki_ms420*any
ciscomeraki_ms425_firmware*any
ciscomeraki_ms425*any
ciscomeraki_ms450_firmware*any
ciscomeraki_ms450*any
cisconexus_93180yc-ex_firmware9.3\(5\)any
cisconexus_93180yc-ex*any
cisconexus_93180yc-fx_firmware9.3\(5\)any
cisconexus_93180yc-fx*any
cisconexus_93180yc-fx3_firmware9.3\(5\)any
cisconexus_93180yc-fx3*any
cisconexus_93240yc-fx2_firmware9.3\(5\)any
cisconexus_93240yc-fx2*any
cisconexus_93360yc-fx2_firmware9.3\(5\)any
cisconexus_93360yc-fx2*any
cisconexus_93120tx_firmware9.3\(5\)any
cisconexus_93120tx*any
cisconexus_93108tc-ex_firmware9.3\(5\)any
cisconexus_93108tc-ex*any
cisconexus_9348gc-fxp_firmware9.3\(5\)any
cisconexus_9348gc-fxp*any
cisconexus_93108tc-fx_firmware9.3\(5\)any
cisconexus_93108tc-fx*any
cisconexus_93108tc-fx3p_firmware9.3\(5\)any
cisconexus_93108tc-fx3p*any
cisconexus_93216tc-fx2_firmware9.3\(5\)any
cisconexus_93216tc-fx2*any
ciscon9k-c9316d-gx_firmware9.3\(5\)any
ciscon9k-c9316d-gx*any
ciscon9k-c93600cd-gx_firmware9.3\(5\)any
ciscon9k-c93600cd-gx*any
ciscon9k-c9332d-gx2b_firmware9.3\(5\)any
ciscon9k-c9332d-gx2b*any
ciscon9k-c9348d-gx2a_firmware9.3\(5\)any
ciscon9k-c9348d-gx2a*any
ciscon9k-c9364d-gx2a_firmware9.3\(5\)any
ciscon9k-c9364d-gx2a*any
ciscon9k-x97160yc-ex_firmware9.3\(5\)any
ciscon9k-x97160yc-ex*any
ciscon9k-x9788tc-fx_firmware9.3\(5\)any
ciscon9k-x9788tc-fx*any
ciscon9k-x9564px_firmware9.3\(5\)any
ciscon9k-x9564px*any
ciscon9k-x9464px_firmware9.3\(5\)any
ciscon9k-x9464px*any
ciscon9k-x9564tx_firmware9.3\(5\)any
ciscon9k-x9564tx*any
ciscon9k-x9464tx2_firmware9.3\(5\)any
ciscon9k-x9464tx2*any
cisconexus_9636pq_firmware9.3\(5\)any
cisconexus_9636pq*any
cisconexus_x9636q-r_firmware9.3\(5\)any
cisconexus_x9636q-r*any
cisconexus_9536pq_firmware9.3\(5\)any
cisconexus_9536pq*any
cisconexus_9432pq_firmware9.3\(5\)any
cisconexus_9432pq*any
cisconexus_9736pq_firmware9.3\(5\)any
cisconexus_9736pq*any
ciscon9k-x9736c-fx_firmware9.3\(5\)any
ciscon9k-x9736c-fx*any
ciscon9k-x9732c-ex_firmware9.3\(5\)any
ciscon9k-x9732c-ex*any
ciscon9k-x9732c-fx_firmware9.3\(5\)any
ciscon9k-x9732c-fx*any
ciscon9k-x9736c-ex_firmware9.3\(5\)any
ciscon9k-x9736c-ex*any
ciscon9k-x9636c-rx_firmware9.3\(5\)any
ciscon9k-x9636c-rx*any
ciscon9k-x9636c-r_firmware9.3\(5\)any
ciscon9k-x9636c-r*any
ciscon9k-x9432c-s_firmware9.3\(5\)any
ciscon9k-x9432c-s*any
cisconexus_9716d-gx_firmware9.3\(5\)any
cisconexus_9716d-gx*any
cisconexus_9504_firmware9.3\(5\)any
cisconexus_9504*any
cisconexus_9508_firmware9.3\(5\)any
cisconexus_9508*any
cisconexus_9516_firmware9.3\(5\)any
cisconexus_9516*any
cisconexus_92160yc-x_firmware9.3\(5\)any
cisconexus_92160yc-x*any
cisconexus_9272q_firmware9.3\(5\)any
cisconexus_9272q*any
cisconexus_92304qc_firmware9.3\(5\)any
cisconexus_92304qc*any
cisconexus_9236c_firmware9.3\(5\)any
cisconexus_9236c*any
cisconexus_92300yc_firmware9.3\(5\)any
cisconexus_92300yc*any
cisconexus_92348gc-x_firmware9.3\(5\)any
cisconexus_92348gc-x*any
cisconexus_9364c_firmware9.3\(5\)any
cisconexus_9364c*any
cisconexus_9336c-fx2_firmware9.3\(5\)any
cisconexus_9336c-fx2*any
cisconexus_9336c-fx2-e_firmware9.3\(5\)any
cisconexus_9336c-fx2-e*any
cisconexus_9332c_firmware9.3\(5\)any
cisconexus_9332c*any
cisconexus_9364c-gx_firmware9.3\(5\)any
cisconexus_9364c-gx*any
cisconexus_9800_firmware9.3\(5\)any
cisconexus_9800*any
ciscosf500-24_firmware3.0.0.61any
ciscosf500-24*any
ciscosf-500-24mp_firmware3.0.0.61any
ciscosf-500-24mp*any
ciscosf500-24p_firmware3.0.0.61any
ciscosf500-24p*any
ciscosf500-48_firmware3.0.0.61any
ciscosf500-48*any
ciscosf500-48mp_firmware3.0.0.61any
ciscosf500-48mp*any
ciscosf500-18p_firmware3.0.0.61any
ciscosf500-18p*any
ciscosg500-28_firmware3.0.0.61any
ciscosg500-28*any
ciscosg500-28mpp_firmware3.0.0.61any
ciscosg500-28mpp*any
ciscosg500-28p_firmware3.0.0.61any
ciscosg500-28p*any
ciscosg500-52_firmware3.0.0.61any
ciscosg500-52*any
ciscosg500-52mp_firmware3.0.0.61any
ciscosg500-52mp*any
ciscosg500-52p_firmware3.0.0.61any
ciscosg500-52p*any
ciscosg500x-24_firmware3.0.0.61any
ciscosg500x-24*any
ciscosg500x-24mpp_firmware3.0.0.61any
ciscosg500x-24mpp*any
ciscosg500x-24p_firmware3.0.0.61any
ciscosg500x-24p*any
ciscosg500x-48_firmware3.0.0.61any
ciscosg500x-48*any
ciscosg500x-48mpp_firmware3.0.0.61any
ciscosg500x-48mpp*any
ciscosg500x-48p_firmware3.0.0.61any
ciscosg500x-48p*any

References 7

  • blog.champtar.fr https://blog.champtar.fr/VLAN0_LLC_SNAP/
    ExploitThird Party Advisory
  • datatracker.ietf.org https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/
    Technical DescriptionThird Party Advisory
  • kb.cert.org https://kb.cert.org/vuls/id/855201
    Third Party AdvisoryUS Government Resource
  • standards.ieee.org https://standards.ieee.org/ieee/802.1Q/10323/
    Vendor Advisory
  • standards.ieee.org https://standards.ieee.org/ieee/802.2/1048/
    Vendor Advisory
  • tools.cisco.com https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-VU855201-J3z8CKTX
    Third Party Advisory
  • kb.cert.org https://www.kb.cert.org/vuls/id/855201

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.