November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Advisory – Multiple Cisco Products Vulnerabilities
September 28, 2022Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
September 28, 2022Rewterz Threat Advisory – Multiple Cisco Products Vulnerabilities
September 28, 2022Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
September 28, 2022
Severity
Medium
Analysis Summary
CVE-2021-27862 CVSS:4.7
Multiple Cisco Products could allow a remote attacker to bypass security restrictions, caused by improper validation of SNAP/LLC Ethernet frames. By sending a specially-crafted SNAP/LLC Ethernet header, an attacker could exploit this vulnerability to bypass layer 2 network filtering capabilities such as IPv6 RA guard.
CVE-2021-27861 CVSS:4.7
Multiple Cisco Products could allow a remote attacker to bypass security restrictions, caused by improper validation of SNAP/LLC Ethernet frames. By sending a specially-crafted SNAP/LLC Ethernet header, an attacker could exploit this vulnerability to bypass layer 2 network filtering capabilities such as IPv6 RA guard.
CVE-2021-27853 CVSS:4.7
Multiple Cisco Products could allow a remote attacker to bypass security restrictions, caused by a flaw in the processing of stacked Ethernet tag headers. By sending a specially-crafted request using a combination of VLAN 0 headers and LLC/SNAP headers, an attacker could exploit this vulnerability to bypass layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection.
Impact
Security Bypass
Indicators Of Compromise
CVE
- CVE-2022-20728
- CVE-2021-27854
Affected Vendors
Cisco
Affected Products
- Cisco Nexus 3000 Series Switches
- Cisco Nexus 7000 Series Switches
- Cisco Nexus 5600 Platform Switches
- Cisco 350 Series Managed Switches
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.
Cisco Security Advisory