Severity
Medium
Analysis Summary
CVE-2022-20728 CVSS:4.7
Cisco Access Points could allow a remote attacker to bypass security restrictions, caused by a logic error on the AP. By obtaining access to the native VLAN and directing traffic directly to the client through their MAC/IP combination, an attacker could exploit this vulnerability to bypass VLAN separation and potentially also bypass any Layer 3 protection mechanisms.
CVE-2021-27854 CVSS:4.7
Multiple Cisco Products could allow a remote attacker to bypass security restrictions, caused by a flaw in the processing of stacked Ethernet tag headers. By sending a specially-crafted request using a combination of VLAN 0 headers, LLC/SNAP headers, and converting frames, an attacker could exploit this vulnerability to bypass layer 2 network filtering capabilities such as IPv6 RA guard.
Impact
Security Bypass
Indicators Of Compromise
CVE
- CVE-2022-20728
- CVE-2021-27854
Affected Vendors
Cisco
Affected Products
- Cisco Aironet 1800 Series Access Point
- Cisco Aironet 3800 Series Access Point
- Cisco Aironet 1560 Series Access Point
- Cisco Aironet 1540 Series Access Point
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.