7.5
CVE-2021-28505
- EPSS 0.2%
- Veröffentlicht 14.04.2022 21:15:08
- Zuletzt bearbeitet 21.11.2024 05:59:47
- Quelle psirt@arista.com
- Teams Watchlist Login
- Unerledigt Login
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Arista ≫ Eos Version >= 4.26 < 4.26.4m
Arista ≫ Ccs-710p-12 Version-
Arista ≫ Ccs-710p-16p Version-
Arista ≫ Ccs-720xp-24y6 Version-
Arista ≫ Ccs-720xp-24zy4 Version-
Arista ≫ Ccs-720xp-48y6 Version-
Arista ≫ Ccs-720xp-48zc2 Version-
Arista ≫ Ccs-720xp-96zc2 Version-
Arista ≫ Ccs-722xpm-48y4 Version-
Arista ≫ Ccs-722xpm-48zy8 Version-
Arista ≫ Dcs-7010tx-48 Version-
Arista ≫ Dcs-7050cx3-32s Version-
Arista ≫ Dcs-7050cx3m-32s Version-
Arista ≫ Dcs-7050sx3-48c8 Version-
Arista ≫ Dcs-7050sx3-48yc12 Version-
Arista ≫ Dcs-7050sx3-48yc8 Version-
Arista ≫ Dcs-7050sx3-96yc8 Version-
Arista ≫ Dcs-7050tx3-48c8 Version-
Arista ≫ Ccs-710p-16p Version-
Arista ≫ Ccs-720xp-24y6 Version-
Arista ≫ Ccs-720xp-24zy4 Version-
Arista ≫ Ccs-720xp-48y6 Version-
Arista ≫ Ccs-720xp-48zc2 Version-
Arista ≫ Ccs-720xp-96zc2 Version-
Arista ≫ Ccs-722xpm-48y4 Version-
Arista ≫ Ccs-722xpm-48zy8 Version-
Arista ≫ Dcs-7010tx-48 Version-
Arista ≫ Dcs-7050cx3-32s Version-
Arista ≫ Dcs-7050cx3m-32s Version-
Arista ≫ Dcs-7050sx3-48c8 Version-
Arista ≫ Dcs-7050sx3-48yc12 Version-
Arista ≫ Dcs-7050sx3-48yc8 Version-
Arista ≫ Dcs-7050sx3-96yc8 Version-
Arista ≫ Dcs-7050tx3-48c8 Version-
Arista ≫ Eos Version >= 4.27 < 4.27.1f
Arista ≫ Ccs-710p-12 Version-
Arista ≫ Ccs-710p-16p Version-
Arista ≫ Ccs-720xp-24y6 Version-
Arista ≫ Ccs-720xp-24zy4 Version-
Arista ≫ Ccs-720xp-48y6 Version-
Arista ≫ Ccs-720xp-48zc2 Version-
Arista ≫ Ccs-720xp-96zc2 Version-
Arista ≫ Ccs-722xpm-48y4 Version-
Arista ≫ Ccs-722xpm-48zy8 Version-
Arista ≫ Dcs-7010tx-48 Version-
Arista ≫ Dcs-7050cx3-32s Version-
Arista ≫ Dcs-7050cx3m-32s Version-
Arista ≫ Dcs-7050sx3-48c8 Version-
Arista ≫ Dcs-7050sx3-48yc12 Version-
Arista ≫ Dcs-7050sx3-48yc8 Version-
Arista ≫ Dcs-7050sx3-96yc8 Version-
Arista ≫ Dcs-7050tx3-48c8 Version-
Arista ≫ Ccs-710p-16p Version-
Arista ≫ Ccs-720xp-24y6 Version-
Arista ≫ Ccs-720xp-24zy4 Version-
Arista ≫ Ccs-720xp-48y6 Version-
Arista ≫ Ccs-720xp-48zc2 Version-
Arista ≫ Ccs-720xp-96zc2 Version-
Arista ≫ Ccs-722xpm-48y4 Version-
Arista ≫ Ccs-722xpm-48zy8 Version-
Arista ≫ Dcs-7010tx-48 Version-
Arista ≫ Dcs-7050cx3-32s Version-
Arista ≫ Dcs-7050cx3m-32s Version-
Arista ≫ Dcs-7050sx3-48c8 Version-
Arista ≫ Dcs-7050sx3-48yc12 Version-
Arista ≫ Dcs-7050sx3-48yc8 Version-
Arista ≫ Dcs-7050sx3-96yc8 Version-
Arista ≫ Dcs-7050tx3-48c8 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.2% | 0.429 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
| psirt@arista.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CWE-863 Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.