CVE-2021-27854

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.7 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
certccCNA
---
---
CVEADP
---
---
CISA-ADPADP
4.7 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
VendorProductVersion
ieeeieee_802.2
𝑥
≤ 802.2h-1997
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://blog.champtar.fr/VLAN0_LLC_SNAP/
https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/
https://kb.cert.org/vuls/id/855201
https://standards.ieee.org/ieee/802.1Q/10323/
https://standards.ieee.org/ieee/802.2/1048/
https://blog.champtar.fr/VLAN0_LLC_SNAP/
https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/
https://kb.cert.org/vuls/id/855201
https://standards.ieee.org/ieee/802.1Q/10323/
https://standards.ieee.org/ieee/802.2/1048/