This vulnerability is due to the platforms forwarding frames when the upper-layer protocol cannot be determined to invoke a Layer 3 FHS feature. CVE-2021-27853Ī vulnerability in the processing of stacked Ethernet tag headers of multiple Cisco products could allow an unauthenticated, adjacent attacker to bypass the FHS feature of an affected device. In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other vulnerabilities. Exploitation of one of the vulnerabilities is not required to exploit another vulnerability. The vulnerabilities are not dependent on one another. Catalyst 4500E and 4500X Series Switches.IOS XE Routers when configured with Ethernet virtual circuits. Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode.CVE-2021-27853Ĭisco has confirmed that this vulnerability does not affect the following Cisco products: Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability. See the Details section of this advisory for more information about affected configurations.Ĭisco evaluated this vulnerability based on its impact on FHS features that are configured on Cisco Access points. The following table lists Cisco products that are affected by the vulnerability that is described in CVE-2021-27861. No impact was observed.Īs part of the investigation into the impact to Cisco Access Points, another vulnerability was found, and a companion advisory has been published: Cisco Access Points VLAN Bypass from Native VLAN Vulnerability. Nexus 9000 Series Switches (Standalone Mode)Ĭisco evaluated this vulnerability based on its impact on FHS features that are configured on Cisco Access Points. Fixed software will not be made available. Impact is only for Dynamic ARP Inspection. IOS XR Routers configured with L2 Transport services IOS XE Routers configured with Ethernet virtual circuits Fixed Software will not be made available. A fix is available for all FHS features except Dynamic ARP inspection.ĬSCwb01481 is relevant for Dynamic ARP Inspection and impacts all releases. Cisco Productįixed software will not be made available.Ĭatalyst Digital Building Series SwitchesĬSCvz91291 affects Cisco IOS XE Software releases 17.6.1 and later. Note: End of life products have not been evaluated. See the Details section of this advisory for more information about affected configurations. The following table lists Cisco products that are affected by the vulnerability that is described in CVE-2021-27853. This advisory is available at the following link:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |