VAR-202209-1859
Vulnerability from variot - Updated: 2025-11-18 15:12Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers. Layer-2 (L2) network security controls provided by various devices, such as switches, routers, and operating systems, can be bypassed by stacking Ethernet protocol headers. An attacker can send crafted packets through vulnerable devices to cause Denial-of-service (DoS) or to perform a man-in-the-middle (MitM) attack against a target network.CVE-2021-27853 Affected CVE-2021-27854 Affected CVE-2021-27861 Affected CVE-2021-27862 AffectedCVE-2021-27853 Affected CVE-2021-27854 Affected CVE-2021-27861 Affected CVE-2021-27862 Affected. IEEE of ieee 802.2 Products from multiple other vendors contain vulnerabilities related to authentication bypass through spoofing.Information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202209-1859",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "meraki ms420",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 93108tc-fx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-x9464px",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9736pq",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus x9636q-r",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "meraki ms350",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sg500x-48p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "nexus 9516",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-x9736c-ex",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "catalyst 6509-v-e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "nexus 93108tc-ex",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sg500-28mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "n9k-c9348d-gx2a",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sf-500-24mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "meraki ms250",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 9364c-gx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-x9636c-rx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9336c-fx2-e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sf500-18p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "17.4.1"
},
{
"model": "meraki ms450",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "sf500-48mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "catalyst 6503-e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "n9k-x9788tc-fx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9716d-gx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sf500-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "sg500x-48",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "nexus 93108tc-fx3p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9636pq",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-x9636c-r",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sg500-28",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "sg500x-24mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "nexus 92160yc-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "catalyst c6840-x-le-40g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "sg500-52mp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "802.2",
"scope": "lte",
"trust": 1.0,
"vendor": "ieee",
"version": "802.2h-1997"
},
{
"model": "sg500-28p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "catalyst 6880-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "nexus 93240yc-fx2",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "catalyst 6506-e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "n9k-x9564px",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9508",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-c93600cd-gx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sg500x-48mpp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "17.6.1"
},
{
"model": "nexus 92348gc-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9536pq",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "meraki ms390",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst 6509-neb-a",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "catalyst 6509-e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "n9k-x9732c-fx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "meraki ms425",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 9236c",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9504",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 93120tx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9364c",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-x9464tx2",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-x9732c-ex",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "meraki ms410",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 93216tc-fx2",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-c9364d-gx2a",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.2\\(07\\)e03"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.2\\(07\\)e02"
},
{
"model": "meraki ms210",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 93180yc-fx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 92304qc",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "catalyst 6513-e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "catalyst c6824-x-le-40g",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "catalyst c6832-x-le",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "sg500-52p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "nexus 92300yc",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 93360yc-fx2",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 93180yc-fx3",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9348gc-fxp",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sf500-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "n9k-c9316d-gx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9272q",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "catalyst 6800ia",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "catalyst 6840-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "nexus 9800",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sg500-52",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "catalyst 6504-e",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "nexus 93180yc-ex",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sg500x-24p",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "sg500x-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "n9k-x9564tx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "sf500-24",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0.61"
},
{
"model": "n9k-x9432c-s",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "17.3.3"
},
{
"model": "n9k-x9736c-fx",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "n9k-c9332d-gx2b",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "p802.1q",
"scope": "lte",
"trust": 1.0,
"vendor": "ietf",
"version": "d1.0"
},
{
"model": "catalyst 6807-xl",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "nexus 9432pq",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9336c-fx2",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "nexus 9332c",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "meraki ms355",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "catalyst c6816-x-le",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "15.5\\(01.01.85\\)sy07"
},
{
"model": "n9k-x97160yc-ex",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(5\\)"
},
{
"model": "meraki ms225",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "cisco ios xe",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "802.2",
"scope": null,
"trust": 0.8,
"vendor": "ieee",
"version": null
},
{
"model": "catalyst 6509-e",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6840-x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6509-neb-a",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6506-e",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst c6816-x-le",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "ios xe",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst c6824-x-le-40g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6509-v-e",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "p802.1q",
"scope": null,
"trust": 0.8,
"vendor": "\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u6280\u8853\u30bf\u30b9\u30af\u30d5\u30a9\u30fc\u30b9 ietf",
"version": null
},
{
"model": "catalyst 6880-x",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6807-xl",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst c6832-x-le",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6800ia",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst c6840-x-le-40g",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6503-e",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6504-e",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "catalyst 6513-e",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This document was written by Timur Snoke.Statement Date:\u00a0\u00a0 September 27, 2022",
"sources": [
{
"db": "CERT/CC",
"id": "VU#855201"
}
],
"trust": 0.8
},
"cve": "CVE-2021-27853",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27853",
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-27853",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-27853",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2021-27853",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-27853",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202209-2794",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202209-2794"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"db": "NVD",
"id": "CVE-2021-27853"
},
{
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers. Layer-2 (L2) network security controls provided by various devices, such as switches, routers, and operating systems, can be bypassed by stacking Ethernet protocol headers. An attacker can send crafted packets through vulnerable devices to cause Denial-of-service (DoS) or to perform a man-in-the-middle (MitM) attack against a target network.CVE-2021-27853 Affected\nCVE-2021-27854 Affected\nCVE-2021-27861 Affected\nCVE-2021-27862 AffectedCVE-2021-27853 Affected\nCVE-2021-27854 Affected\nCVE-2021-27861 Affected\nCVE-2021-27862 Affected. IEEE of ieee 802.2 Products from multiple other vendors contain vulnerabilities related to authentication bypass through spoofing.Information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27853"
},
{
"db": "CERT/CC",
"id": "VU#855201"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"db": "VULMON",
"id": "CVE-2021-27853"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-27853",
"trust": 4.1
},
{
"db": "CERT/CC",
"id": "VU#855201",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020376",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.4805",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202209-2794",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-27853",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#855201"
},
{
"db": "VULMON",
"id": "CVE-2021-27853"
},
{
"db": "CNNVD",
"id": "CNNVD-202209-2794"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"id": "VAR-202209-1859",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2025-11-18T15:12:14.158000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "draft-ietf-v6ops-ra-guard-08 Cisco Systems Cisco\u00a0Security\u00a0Advisory",
"trust": 0.8,
"url": "https://standards.ieee.org/ieee/802.1Q/10323/"
},
{
"title": "Multiple Cisco Product security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=209667"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202209-2794"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-290",
"trust": 1.0
},
{
"problemtype": "Avoid authentication by spoofing (CWE-290) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://blog.champtar.fr/vlan0_llc_snap/"
},
{
"trust": 2.4,
"url": "https://kb.cert.org/vuls/id/855201"
},
{
"trust": 1.7,
"url": "https://standards.ieee.org/ieee/802.2/1048/"
},
{
"trust": 1.7,
"url": "https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/"
},
{
"trust": 1.7,
"url": "https://standards.ieee.org/ieee/802.1q/10323/"
},
{
"trust": 1.7,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-vu855201-j3z8cktx"
},
{
"trust": 1.0,
"url": "https://www.kb.cert.org/vuls/id/855201"
},
{
"trust": 0.8,
"url": "https://jvn.jp/ta/jvnta96784241/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27853"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-27853/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4805"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/cisco-juniper-ingress-filtrering-bypass-via-layer-2-39380"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-27853"
},
{
"db": "CNNVD",
"id": "CNNVD-202209-2794"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#855201"
},
{
"db": "VULMON",
"id": "CVE-2021-27853"
},
{
"db": "CNNVD",
"id": "CNNVD-202209-2794"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-27T00:00:00",
"db": "CERT/CC",
"id": "VU#855201"
},
{
"date": "2022-09-27T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27853"
},
{
"date": "2022-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202209-2794"
},
{
"date": "2023-10-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"date": "2022-09-27T18:15:09.527000",
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-03T00:00:00",
"db": "CERT/CC",
"id": "VU#855201"
},
{
"date": "2022-09-27T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27853"
},
{
"date": "2022-10-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202209-2794"
},
{
"date": "2023-10-20T06:17:00",
"db": "JVNDB",
"id": "JVNDB-2021-020376"
},
{
"date": "2025-11-04T20:15:59.233000",
"db": "NVD",
"id": "CVE-2021-27853"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202209-2794"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "L2 network security controls can be bypassed using VLAN 0 stacking and/or 802.3 headers",
"sources": [
{
"db": "CERT/CC",
"id": "VU#855201"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202209-2794"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…