L2 Network Security Control Bypass Flaws Impact Multiple Cisco Products


This week, Cisco disclosed that bypass vulnerabilities in the Layer-2 (L2) network security measures affect tens of its enterprise routers and switches.�By sending specially constructed packets that would cause a denial-of-service (DoS) or enable them to conduct a man-in-the-middle (MitM) attack, an attacker can get around the security measures offered by these enterprise devices.

The Ethernet encapsulation protocols’ L2 network security measures have a total of four medium-severity security flaws, according to an advisory from the CERT Coordination Center (CERT/CC) at Carnegie Mellon University. Read More…