Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-27854

Summary
Assigner-certcc
Assigner Org ID-37e5125f-f79b-445b-8fad-9564f167944b
Published At-27 Sep, 2022 | 18:40
Updated At-21 May, 2025 | 15:06
Rejected At-
Credits

L2 network filtering bypass using stacked VLAN0, LLC/SNAP headers, and Ethernet to Wifi frame translation

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:certcc
Assigner Org ID:37e5125f-f79b-445b-8fad-9564f167944b
Published At:27 Sep, 2022 | 18:40
Updated At:21 May, 2025 | 15:06
Rejected At:
▼CVE Numbering Authority (CNA)
L2 network filtering bypass using stacked VLAN0, LLC/SNAP headers, and Ethernet to Wifi frame translation

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.

Affected Products
Vendor
The IETF Administration LLC (IETF LLC)IETF
Product
P802.1Q
Versions
Affected
  • From D1.0 through D1.0 (custom)
Vendor
The IETF Administration LLC (IETF LLC)IETF
Product
draft-ietf-v6ops-ra-guard
Versions
Affected
  • From 08 through 08 (custom)
Vendor
IEEE
Product
802.2
Versions
Affected
  • From 802.2h-1997 through 802.2h-1997 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-290CWE-290: Authentication Bypass by Spoofing
Type: CWE
CWE ID: CWE-290
Description: CWE-290: Authentication Bypass by Spoofing
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Etienne Champetier (@champtar) <champetier.etienne@gmail.com>
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/
N/A
https://standards.ieee.org/ieee/802.2/1048/
N/A
https://standards.ieee.org/ieee/802.1Q/10323/
N/A
https://kb.cert.org/vuls/id/855201
N/A
https://blog.champtar.fr/VLAN0_LLC_SNAP/
N/A
Hyperlink: https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/
Resource: N/A
Hyperlink: https://standards.ieee.org/ieee/802.2/1048/
Resource: N/A
Hyperlink: https://standards.ieee.org/ieee/802.1Q/10323/
Resource: N/A
Hyperlink: https://kb.cert.org/vuls/id/855201
Resource: N/A
Hyperlink: https://blog.champtar.fr/VLAN0_LLC_SNAP/
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/
x_transferred
https://standards.ieee.org/ieee/802.2/1048/
x_transferred
https://standards.ieee.org/ieee/802.1Q/10323/
x_transferred
https://kb.cert.org/vuls/id/855201
x_transferred
https://blog.champtar.fr/VLAN0_LLC_SNAP/
x_transferred
Hyperlink: https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/
Resource:
x_transferred
Hyperlink: https://standards.ieee.org/ieee/802.2/1048/
Resource:
x_transferred
Hyperlink: https://standards.ieee.org/ieee/802.1Q/10323/
Resource:
x_transferred
Hyperlink: https://kb.cert.org/vuls/id/855201
Resource:
x_transferred
Hyperlink: https://blog.champtar.fr/VLAN0_LLC_SNAP/
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.14.7MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Version: 3.1
Base score: 4.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cret@cert.org
Published At:27 Sep, 2022 | 19:15
Updated At:21 May, 2025 | 15:15

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.14.7MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Secondary3.14.7MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Type: Primary
Version: 3.1
Base score: 4.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Type: Secondary
Version: 3.1
Base score: 4.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
CPE Matches
ieee
ieee
>>ieee_802.2>>Versions up to 802.2h-1997(inclusive)
cpe:2.3:a:ieee:ieee_802.2:*:*:*:*:*:*:*:*
The IETF Administration LLC (IETF LLC)
ietf
>>p802.1q>>Versions up to d1.0(inclusive)
cpe:2.3:a:ietf:p802.1q:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-290Secondarycret@cert.org
CWE-290Primarynvd@nist.gov
CWE ID: CWE-290
Type: Secondary
Source: cret@cert.org
CWE ID: CWE-290
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://blog.champtar.fr/VLAN0_LLC_SNAP/cret@cert.org
N/A
https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/cret@cert.org
Vendor Advisory
https://kb.cert.org/vuls/id/855201cret@cert.org
N/A
https://standards.ieee.org/ieee/802.1Q/10323/cret@cert.org
Vendor Advisory
https://standards.ieee.org/ieee/802.2/1048/cret@cert.org
Vendor Advisory
https://blog.champtar.fr/VLAN0_LLC_SNAP/af854a3a-2127-422b-91ae-364da2661108
N/A
https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://kb.cert.org/vuls/id/855201af854a3a-2127-422b-91ae-364da2661108
N/A
https://standards.ieee.org/ieee/802.1Q/10323/af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://standards.ieee.org/ieee/802.2/1048/af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://blog.champtar.fr/VLAN0_LLC_SNAP/
Source: cret@cert.org
Resource: N/A
Hyperlink: https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/
Source: cret@cert.org
Resource:
Vendor Advisory
Hyperlink: https://kb.cert.org/vuls/id/855201
Source: cret@cert.org
Resource: N/A
Hyperlink: https://standards.ieee.org/ieee/802.1Q/10323/
Source: cret@cert.org
Resource:
Vendor Advisory
Hyperlink: https://standards.ieee.org/ieee/802.2/1048/
Source: cret@cert.org
Resource:
Vendor Advisory
Hyperlink: https://blog.champtar.fr/VLAN0_LLC_SNAP/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://kb.cert.org/vuls/id/855201
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://standards.ieee.org/ieee/802.1Q/10323/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://standards.ieee.org/ieee/802.2/1048/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

5Records found
CVE-2021-27861
Matching Score-10
Assigner-CERT/CC
ShareView Details
Matching Score-10
Assigner-CERT/CC
CVSS Score-4.7||MEDIUM
EPSS-0.01% / 0.47%
||
7 Day CHG~0.00%
Published-27 Sep, 2022 | 18:40
Updated-21 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
L2 network filtering bypass using stacked VLAN0 and LLC/SNAP headers with invalid lengths

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers)

Action-Not Available
Vendor-ieeeIEEEThe IETF Administration LLC (IETF LLC)
Product-ieee_802.2p802.1q802.2draft-ietf-v6ops-ra-guardP802.1Q
CWE ID-CWE-130
Improper Handling of Length Parameter Inconsistency
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2021-27853
Matching Score-10
Assigner-CERT/CC
ShareView Details
Matching Score-10
Assigner-CERT/CC
CVSS Score-4.7||MEDIUM
EPSS-0.03% / 8.18%
||
7 Day CHG~0.00%
Published-27 Sep, 2022 | 17:55
Updated-21 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
L2 network filtering can be bypassed using stacked VLAN0 and LLC/SNAP headers

Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.

Action-Not Available
Vendor-ieeeIEEEThe IETF Administration LLC (IETF LLC)Cisco Systems, Inc.
Product-catalyst_3650-48pd-ln9k-x9788tc-fxcatalyst_3650-48fqm-snexus_92300ycn9k-c93600cd-gx_firmwarecatalyst_3850-24xu-en9k-x9788tc-fx_firmwarecatalyst_3650-24ps-lsg500-52nexus_9536pq_firmwaresf500-48mp_firmwarenexus_9364c-gxn9k-x9636c-r_firmwaresg500x-24mppcatalyst_3650-12x48uz-ssg500-28nexus_9516catalyst_6509-v-enexus_x9636q-rsg500-28mppnexus_92300yc_firmwaren9k-x9432c-snexus_93360yc-fx2_firmwarecatalyst_3850-24p-lp802.1qcatalyst_3650-48fq-scatalyst_3650-24pd-ln9k-c9316d-gxcatalyst_9400catalyst_6800ia_firmwarecatalyst_3650-48fs-lcatalyst_3650-24pdm-ecatalyst_3850-16xs-ecatalyst_3850-48u-snexus_93240yc-fx2sf-500-24mp_firmwarecatalyst_3650-8x24uq-sn9k-x9464tx2_firmwarecatalyst_6506-enexus_9636pqnexus_9336c-fx2-e_firmwarecatalyst_3650-48fd-scatalyst_3650-12x48uq-enexus_9716d-gxcatalyst_c3850-12x48u-scatalyst_3650-24ts-ecatalyst_c6816-x-len9k-x9736c-fxnexus_9336c-fx2-ecatalyst_3650-48fs-ecatalyst_6800iacatalyst_3650-48ts-snexus_93180yc-fxcatalyst_3850-12xs-ecatalyst_3650-24td-lcatalyst_3650-12x48ur-ssf500-24_firmwaremeraki_ms390_firmwarecatalyst_9600catalyst_3650-12x48fd-scatalyst_3850-24p-en9k-c9332d-gx2b_firmwarenexus_9364c_firmwarenexus_9348gc-fxpcatalyst_3650-24ps-emeraki_ms250catalyst_6503-e_firmwarecatalyst_6503-ecatalyst_3650-48ts-lcatalyst_6880-xmeraki_ms410_firmwarecatalyst_3650-48fqm-lnexus_9516_firmwaren9k-x9464tx2meraki_ms355_firmwarecatalyst_3650-24ps-snexus_9236c_firmwarenexus_93180yc-ex_firmwaresg500x-48mpp_firmwarenexus_92304qc_firmwaremeraki_ms210catalyst_3850-48t-eieee_802.2n9k-x97160yc-ex_firmwarecatalyst_3850-48f-lsg500x-24p_firmwarecatalyst_3850-24xs-ecatalyst_3650-24pd-scatalyst_3850-32xs-sn9k-x9564px_firmwarecatalyst_9300lmsg500-52p_firmwarecatalyst_3650-48fd-lcatalyst_c6824-x-le-40g_firmwaremeraki_ms450catalyst_3850-24pw-scatalyst_6509-neb-anexus_9716d-gx_firmwarecatalyst_3650-24ts-lnexus_9432pq_firmwarecatalyst_3650-24pdm-snexus_93180yc-fx3_firmwarenexus_93108tc-fx3p_firmwarecatalyst_6807-xl_firmwaren9k-x9564pxsg500x-24pnexus_93108tc-fxcatalyst_3650-8x24pd-lmeraki_ms410catalyst_9200cxnexus_93216tc-fx2_firmwaren9k-x97160yc-exnexus_93180yc-fx_firmwaresg500-52mpnexus_93108tc-fx_firmwarecatalyst_9500hcatalyst_6506-e_firmwarecatalyst_3850-48t-ssf500-18p_firmwaresg500-52mp_firmwarecatalyst_6513-ecatalyst_3850-48xs-f-en9k-x9736c-excatalyst_3850-12xs-snexus_9332cmeraki_ms350_firmwarecatalyst_3650-12x48uz-enexus_9236ccatalyst_6880-x_firmwarecatalyst_3650-48fd-esf500-48catalyst_3650-24td-ecatalyst_9600xnexus_93120tx_firmwarecatalyst_6807-xlcatalyst_6840-xnexus_9736pqn9k-c9364d-gx2acatalyst_3850-24t-esg500x-48p_firmwaren9k-c9332d-gx2bsg500x-48mppcatalyst_3650-24pdm-lsg500x-24mpp_firmwarenexus_9736pq_firmwarecatalyst_3650-48tq-esg500-28psf500-48mpsg500x-24meraki_ms250_firmwaren9k-x9736c-ex_firmwarecatalyst_6509-e_firmwarecatalyst_3650-12x48fd-lcatalyst_3850-48pw-snexus_93120txcatalyst_6509-ecatalyst_c6824-x-le-40gcatalyst_3650-48fs-scatalyst_3650-48ts-ecatalyst_3850-48p-ecatalyst_3650-48fq-ecatalyst_3650-48tq-scatalyst_6504-e_firmwarecatalyst_c6832-x-le_firmwarenexus_93180yc-fx3nexus_9800_firmwarecatalyst_3850-24xs-smeraki_ms225_firmwarecatalyst_3650-8x24pd-ssf500-18pcatalyst_6509-neb-a_firmwaresg500-52pmeraki_ms350meraki_ms420catalyst_3850-48f-ecatalyst_3850-48xs-f-scatalyst_3650-12x48fd-ecatalyst_6504-ecatalyst_3650-48td-lnexus_9432pqsf500-48_firmwarecatalyst_3650-12x48ur-lcatalyst_3850-48xs-ecatalyst_3850-48u-esg500x-24_firmwarecatalyst_3650-48ps-enexus_93180yc-excatalyst_3650-48td-scatalyst_3850-24t-lcatalyst_6509-v-e_firmwarenexus_93216tc-fx2sf-500-24mpcatalyst_3650-12x48uq-lcatalyst_9300lcatalyst_3850-48p-ln9k-c9348d-gx2a_firmwarenexus_9272q_firmwarecatalyst_3850-24xu-smeraki_ms450_firmwarecatalyst_3850-24s-en9k-x9432c-s_firmwarenexus_93240yc-fx2_firmwarecatalyst_3850-24t-snexus_9364c-gx_firmwarecatalyst_3650-48fq-lnexus_92348gc-x_firmwaren9k-x9736c-fx_firmwaren9k-c9316d-gx_firmwarecatalyst_3650-12x48uz-lcatalyst_3650-48td-eios_xecatalyst_3650-48pd-scatalyst_3850-12s-smeraki_ms225nexus_92160yc-xcatalyst_3650-8x24uq-ecatalyst_9200sg500-52_firmwarecatalyst_9200ln9k-x9636c-rnexus_9336c-fx2catalyst_3850-48xs-scatalyst_3850-24u-ecatalyst_9500catalyst_c6840-x-le-40gnexus_x9636q-r_firmwaresf500-24p_firmwaresg500-28_firmwarenexus_9800nexus_9636pq_firmwarecatalyst_c6832-x-len9k-x9732c-fxnexus_9504_firmwarecatalyst_9300nexus_9332c_firmwarecatalyst_3850-48p-scatalyst_c6840-x-le-40g_firmwaren9k-x9564tx_firmwarecatalyst_3650-12x48uq-sn9k-x9732c-excatalyst_3650-8x24pd-enexus_93360yc-fx2catalyst_3850-32xs-enexus_92348gc-xnexus_9272qn9k-c9364d-gx2a_firmwaremeraki_ms390catalyst_3850-24xu-lcatalyst_3650-48tq-ln9k-x9564txsg500x-48_firmwarecatalyst_9300xn9k-x9464pxnexus_9508_firmwaren9k-x9732c-fx_firmwarenexus_93108tc-exn9k-x9636c-rxn9k-c9348d-gx2anexus_9536pqmeraki_ms210_firmwaremeraki_ms425_firmwarecatalyst_3650-48pq-ln9k-c93600cd-gxnexus_9504catalyst_3650-48fqm-emeraki_ms355meraki_ms420_firmwarecatalyst_3650-24ts-sn9k-x9464px_firmwarecatalyst_3850-48f-scatalyst_3850-24u-lcatalyst_3650-48pq-scatalyst_3650-48pd-esg500-28mpp_firmwaresf500-24catalyst_c6816-x-le_firmwarecatalyst_3850-48u-lnexus_93108tc-fx3pcatalyst_3650-48pq-ecatalyst_6840-x_firmwarecatalyst_3850-24u-snexus_9364csf500-24pmeraki_ms425catalyst_3650-12x48ur-enexus_93108tc-ex_firmwarecatalyst_3650-48ps-scatalyst_c3850-12x48u-ecatalyst_3850-48t-lnexus_9336c-fx2_firmwarecatalyst_3850-16xs-snexus_9348gc-fxp_firmwaresg500-28p_firmwarecatalyst_3650-8x24uq-lsg500x-48pcatalyst_3650-24pd-enexus_92160yc-x_firmwaren9k-x9732c-ex_firmwaren9k-x9636c-rx_firmwarecatalyst_3850-12s-ecatalyst_3650-48ps-lsg500x-48catalyst_6513-e_firmwarenexus_92304qcnexus_9508catalyst_c3850-12x48u-lcatalyst_3850-24s-scatalyst_3650-24td-s802.2draft-ietf-v6ops-ra-guardP802.1Q
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2021-27862
Matching Score-10
Assigner-CERT/CC
ShareView Details
Matching Score-10
Assigner-CERT/CC
CVSS Score-4.7||MEDIUM
EPSS-0.02% / 3.72%
||
7 Day CHG~0.00%
Published-27 Sep, 2022 | 18:40
Updated-21 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
L2 network filtering bypass using stacked VLAN0 and LLC/SNAP headers with an invalid length during Ethernet to Wifi frame translation

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).

Action-Not Available
Vendor-ieeeIEEEThe IETF Administration LLC (IETF LLC)
Product-ieee_802.2p802.1qdraft-ietf-v6ops-ra-guard-08802.2
CWE ID-CWE-130
Improper Handling of Length Parameter Inconsistency
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2022-47522
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-14.29% / 94.14%
||
7 Day CHG~0.00%
Published-15 Apr, 2023 | 00:00
Updated-06 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point (such as authentication frames or re-association frames) to remove the target's original security context. This behavior occurs because the specifications do not require an access point to purge its transmit queue before removing a client's pairwise encryption key.

Action-Not Available
Vendor-ieeen/aSonicWall Inc.
Product-sonicwave_681tz270tz600ptz570_firmwaresonicwave_231ctz500tz570w_firmwaretz350tz600p_firmwaresonicwave_432otz300tz570p_firmwaretz500wtz300pieee_802.11tz470tz400w_firmwaretz300p_firmwaretz300_firmwaresoho_250sonicwave_224wtz370wsonicwave_621tz670_firmwaretz500w_firmwaretz270_firmwaretz470w_firmwaretz300w_firmwaretz270w_firmwaretz370_firmwaretz470wsonicwave_224w_firmwaresoho_250_firmwaretz570wtz350_firmwaresoho_250wsonicwave_681_firmwaretz570tz400_firmwaresonicwave_432o_firmwaretz370w_firmwaretz600tz350w_firmwaretz300wtz570ptz600_firmwaretz670tz400wtz350wsonicwave_641soho_250w_firmwaresonicwave_641_firmwaretz470_firmwaretz270wtz500_firmwaresonicwave_231c_firmwaretz370sonicwave_621_firmwaretz400n/a
CWE ID-CWE-290
Authentication Bypass by Spoofing
CVE-2020-10136
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-5.3||MEDIUM
EPSS-19.96% / 95.25%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 08:35
Updated-17 Sep, 2024 | 00:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IP-in-IP protocol allows a remote, unauthenticated attacker to route arbitrary network traffic

IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.

Action-Not Available
Vendor-treckdigiCisco Systems, Inc.HP Inc.The IETF Administration LLC (IETF LLC)
Product-nexus_93180lc-exnexus_56128pnexus_3132qnexus_9332pqnexus_93108tc-exucs_6332-16upnexus_3016x3220nr_firmwarenx-osnexus_9372pxnexus_9508nexus_5696qnexus_93120txnexus_92304qcnexus_93128txnexus_9336pq_aci_spineucs_6248upnexus_6004nexus_1000venexus_9504nexus_3048nexus_6001nexus_9372tx-enexus_93108tc-fxnexus_93360yc-fx2sarosucs_6324nexus_9396txnexus_9332cnexus_9364cnexus_7000nexus_92348gc-xnexus_5020nexus_3064nexus_9336c-fx2unified_computing_systemucs_6332nexus_5548pnexus_5548upnexus_5648qnexus_9348gc-fxpnexus_3172nexus_9272qnexus_9396pxucs_6296upnexus_5010nexus_93216tc-fx2nexus_1000vnexus_5672upnexus_5596tnexus_93240yc-fx2nexus_93180yc-fxnexus_9372txnexus_5624qnexus_3064-tucs_managernexus_93180yc-exnexus_9372px-enexus_9236cnexus_9516nexus_5596upnexus_7700tcp\/ipRFC2003 - IP Encapsulation within IP
CWE ID-CWE-290
Authentication Bypass by Spoofing
Details not found