Cisco this week has confirmed that tens of its enterprise routers and switches are impacted by bypass vulnerabilities in the Layer-2 (L2) network security controls.

An attacker can bypass the controls provided by these enterprise devices by sending crafted packets that would trigger a denial-of-service (DoS) or allow them to perform a man-in-the-middle (MitM) attack.

A total of four medium-severity security issues were found in the L2 network security controls, in the Ethernet encapsulation protocols, the CERT Coordination Center (CERT/CC) at the Carnegie Mellon University notes in an advisory.

Tracked as CVE-2021-27853, CVE-2021-27854, CVE-2021-27861 and CVE-2021-27862, each of these vulnerabilities represents a different type of bypass of Layer 2 network packet inspection functionality.

The bugs allow for stacking of virtual local area network (VLAN) headers and 802.2 LLC/SNAP headers, enabling an attacker to bypass a device’s various filtering capabilities, including IPv6 RA Guard, Dynamic ARP inspection, and IPv6 Neighbor Discovery (ND) protection.

“An attacker can bypass security controls and deceive a locally connected target host to route traffic to arbitrary destinations. Victim devices experience either a DoS (blackholing traffic) or MitM (observing the unencrypted traffic and maybe breaking encryption),” CERT/CC’s advisory reads.

CERT/CC says that more than 200 vendors have been warned of these vulnerabilities, but that only two of them have confirmed impact, namely Cisco and Juniper Networks.

While Juniper Networks considers the severity of these bugs to be under their “threshold for publication,” this week Cisco issued an advisory to share details on potentially impacted devices.
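An added example, not taken from the article, CERT/CC, or either vendor: a defender-side parser that walks every stacked VLAN tag and LLC/SNAP header to reach the real EtherType, which is the step an L2 filter must perform before RA Guard or Dynamic ARP Inspection can see the payload. The function names, the `max_vlans` policy value, and the sample frames are assumptions constructed for illustration.

```python
import struct

VLAN_TPIDS = {0x8100, 0x88A8}               # 802.1Q and 802.1ad tag types
SNAP = bytes.fromhex("aaaa03000000")        # LLC AA-AA-03 + OUI 00-00-00
INSPECTED = {0x0806: "ARP", 0x86DD: "IPv6"} # protocols the L2 guards examine

def unwrap(frame: bytes):
    """Walk all stacked VLAN tags and LLC/SNAP headers.
    Returns (vlan_tags, snap_headers, final_ethertype_or_None, payload_offset)."""
    off, vlans, snaps = 12, 0, 0            # skip destination and source MAC
    while off + 2 <= len(frame):
        (etype,) = struct.unpack_from("!H", frame, off)
        off += 2
        if etype in VLAN_TPIDS:             # 2-byte TCI, then the next type field
            vlans += 1
            off += 2
        elif etype <= 1500:                 # 802.3 length field, LLC follows
            if frame[off:off + 6] != SNAP or len(frame) < off + 8:
                return vlans, snaps, None, off  # non-SNAP LLC or truncated
            snaps += 1
            off += 6                        # SNAP protocol ID is read next
        else:
            return vlans, snaps, etype, off
    return vlans, snaps, None, off          # frame ended inside a header

def audit(frame: bytes, max_vlans: int = 1):
    """Flag ARP/IPv6 carried behind more encapsulation than the port
    should see. max_vlans is a local policy assumption."""
    vlans, snaps, etype, _ = unwrap(frame)
    proto = INSPECTED.get(etype)
    suspicious = proto is not None and (vlans > max_vlans or snaps > 0)
    return {"vlans": vlans, "snaps": snaps, "proto": proto,
            "suspicious": suspicious}

# Constructed sample frames (zeroed MACs and payloads), not captured traffic.
MACS = bytes(12)
PLAIN_ARP = MACS + bytes.fromhex("0806") + bytes(28)
STACKED_V6 = (MACS + bytes.fromhex("81000000") * 2   # two VLAN tags
              + bytes.fromhex("0030") + SNAP         # 802.3 length + LLC/SNAP
              + bytes.fromhex("86dd") + bytes(40))   # IPv6 behind the stack

if __name__ == "__main__":
    for name, f in (("plain ARP", PLAIN_ARP), ("stacked IPv6", STACKED_V6)):
        print(name, audit(f))
```

A filter that reads only the first type field after the MAC addresses sees 0x8100 in the second frame and never reaches the IPv6 payload; the walk above reports it as IPv6 behind two tags and one SNAP header.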