CVE-2021-27862 - OpenCVE

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Ieee	Ieee 802.2
Ietf	P802.1q

Configuration 1 [-]

cpe:2.3:a:ieee:ieee_802.2:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:ietf:p802.1q:*:*:*:*:*:*:*:*

References

Link	Resource
https://blog.champtar.fr/VLAN0_LLC_SNAP/
https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/	Vendor Advisory
https://kb.cert.org/vuls/id/855201
https://standards.ieee.org/ieee/802.2/1048/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: certcc

Published: 2022-09-27T00:00:00

Updated: 2022-10-12T00:00:00

Reserved: 2021-03-01T00:00:00

Link: CVE-2021-27862

JSON object: View

NVD Information

Status : Modified

Published: 2022-09-27T19:15:09.403

Modified: 2022-10-12T13:15:10.630

Link: CVE-2021-27862

JSON object: View

Redhat Information

No data.

CWE

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ieee:ieee_802.2:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5B0DDC2-21C5-4682-9AA2-055BF7C722DA", "versionEndIncluding": "802.2h-1997", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ietf:p802.1q:*:*:*:*:*:*:*:*", "matchCriteriaId": "94105D2E-950F-4290-8840-301FA908BC8C", "versionEndIncluding": "d1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers)."}, {"lang": "es", "value": "Las capacidades de filtrado de red de capa 2, como la protecci\u00f3n RA de IPv6, pueden omitirse usando encabezados LLC/SNAP con una longitud no v\u00e1lida y la conversi\u00f3n de tramas de Ethernet a Wifi (y, opcionalmente, encabezados VLAN0)"}], "id": "CVE-2021-27862", "lastModified": "2022-10-12T13:15:10.630", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-27T19:15:09.403", "references": [{"source": "cret@cert.org", "url": "https://blog.champtar.fr/VLAN0_LLC_SNAP/"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/"}, {"source": "cret@cert.org", "url": "https://kb.cert.org/vuls/id/855201"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "https://standards.ieee.org/ieee/802.2/1048/"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-290"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-130"}, {"lang": "en", "value": "CWE-290"}], "source": "cret@cert.org", "type": "Secondary"}]}