← Back

CVE-2021-28504

nvd nist
Published: Apr 1, 2022Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules ( rules declared after it in ACL ) do not match on IP protocol field as expected.

Affected (2)

Products: Arista: Eos
Arista
1 product
Eos
Configuration A
2 vulnerable · 17 platform
Vulnerable SoftwareAffected Versions
Arista
Eos
From 4.26 to 4.26.4m
Eos
From 4.27 to 4.27.1f
Running on/withPlatform Versions
Arista
Ccs 710p 12
All versions
Arista
Ccs 710p 16p
All versions
Arista
Ccs 720xp 24y6
All versions
Arista
Ccs 720xp 24zy4
All versions
Arista
Ccs 720xp 48y6
All versions
Arista
Ccs 720xp 48zc2
All versions
Arista
Ccs 720xp 96zc2
All versions
Arista
Ccs 722xpm 48y4
All versions
Arista
Ccs 722xpm 48zy8
All versions
Arista
Dcs 7010tx 48
All versions
Arista
Dcs 7050cx3 32s
All versions
Arista
Dcs 7050cx3m 32s
All versions
Arista
Dcs 7050sx3 48c8
All versions
Arista
Dcs 7050sx3 48yc12
All versions
Arista
Dcs 7050sx3 48yc8
All versions
Arista
Dcs 7050sx3 96yc8
All versions
Arista
Dcs 7050tx3 48c8
All versions

Related CWEs

CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CWE-863
Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (2)

Source: psirt@arista.com
MitigationVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationVendor Advisory

Timeline

No history available yet.