Vulnerabilities > Ietf > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-09-27 CVE-2021-27854 Authentication Bypass by Spoofing vulnerability in multiple products
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.
low complexity
ieee ietf CWE-290
4.7
2022-09-27 CVE-2021-27861 Authentication Bypass by Spoofing vulnerability in multiple products
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers)
low complexity
ieee ietf CWE-290
4.7
2022-09-27 CVE-2021-27862 Authentication Bypass by Spoofing vulnerability in multiple products
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).
low complexity
ieee ietf CWE-290
4.7
2022-09-27 CVE-2021-27853 Authentication Bypass by Spoofing vulnerability in multiple products
Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.
low complexity
ieee ietf cisco CWE-290
4.7
2021-01-20 CVE-2020-20949 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 cryptographic firmware library software expansion for STM32Cube (UM1924).
network
high complexity
st ietf CWE-327
5.9
2021-01-19 CVE-2020-20950 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26.
network
high complexity
ietf microchip CWE-327
5.9
2018-09-06 CVE-2018-5389 Weak Password Requirements vulnerability in Ietf Internet KEY Exchange 1.0
The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks.
network
high complexity
ietf CWE-521
5.9