Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveAristaCVE-2021-28510
HistoryJan 26, 2023 - 9:15 p.m.

CVE-2021-28510

2023-01-2621:15:22
CWE-1284
CWE-400
Arista
web.nvd.nist.gov
25
cve
2021
28510
eos
precision time protocol
ptp
management message
signaling message
tlv
nvd

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

37.4%

JSON

For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.

Affected configurations

Nvd
Node
aristaeosRange<4.23.10
OR
aristaeosRange4.24.04.24.8
OR
aristaeosRange4.25.04.25.6
OR
aristaeosRange4.26.04.26.4
OR
aristaeosRange4.27.04.27.1
AND
arista7020rMatch-
OR
arista7050cx3-32sMatch-
OR
arista7050cx3m-32sMatch-
OR
arista7050qx-32sMatch-
OR
arista7050qx2-32sMatch-
OR
arista7050sx-128Match-
OR
arista7050sx-64Match-
OR
arista7050sx-72qMatch-
OR
arista7050sx2-128Match-
OR
arista7050sx2-72qMatch-
OR
arista7050sx3-48c8Match-
OR
arista7050sx3-48ycMatch-
OR
arista7050sx3-48yc12Match-
OR
arista7050sx3-48yc8Match-
OR
arista7050sx3-96yc8Match-
OR
arista7050tx-48Match-
OR
arista7050tx-64Match-
OR
arista7050tx-72qMatch-
OR
arista7050tx2-128Match-
OR
arista7050tx3-48c8Match-
OR
arista7060cx-32sMatch-
OR
arista7060cx2-32sMatch-
OR
arista7060dx4-32Match-
OR
arista7060px4-32Match-
OR
arista7060sx2-48yc6Match-
OR
arista7150s-24Match-
OR
arista7150s-52Match-
OR
arista7150s-64Match-
OR
arista7150sc-24Match-
OR
arista7150sc-64Match-
OR
arista7170-32cMatch-
OR
arista7170-32cdMatch-
OR
arista7170-64cMatch-
OR
arista720xp-24y6Match-
OR
arista720xp-24zy4Match-
OR
arista720xp-48y6Match-
OR
arista720xp-48zc2Match-
OR
arista720xp-96zc2Match-
OR
arista7250qx-64Match-
OR
arista7260cxMatch-
OR
arista7260cx3Match-
OR
arista7260cx3-64Match-
OR
arista7260qxMatch-
OR
arista7280eMatch-
OR
arista7280rMatch-
OR
arista7280r2Match-
OR
arista7280r3Match-
OR
arista7280sr3-48yc8Match-
OR
arista7280sr3k-48yc8Match-
OR
arista7300x-32qMatch-
OR
arista7300x-64sMatch-
OR
arista7300x-64tMatch-
OR
arista7300x3-32cMatch-
OR
arista7300x3-48yc4Match-
OR
arista7304x3Match-
OR
arista7308x3Match-
OR
arista7320x-32cMatch-
OR
arista7324xMatch-
OR
arista7328xMatch-
OR
arista7368x4Match-
OR
arista7500eMatch-
OR
arista7500rMatch-
OR
arista7500r2Match-
OR
arista7500r3Match-
OR
arista7500r3-24dMatch-
OR
arista7500r3-24pMatch-
OR
arista7500r3-36cqMatch-
OR
arista7500r3k-36cqMatch-
OR
arista7504r3Match-
OR
arista7508r3Match-
OR
arista7512r3Match-
OR
arista7800r3-36pMatch-
OR
arista7800r3-48cqMatch-
OR
arista7800r3k-48cqMatch-
OR
arista7804r3Match-
OR
arista7808r3Match-
VendorProductVersionCPE
aristaeos*cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
arista7020r-cpe:2.3:h:arista:7020r:-:*:*:*:*:*:*:*
arista7050cx3-32s-cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*
arista7050cx3m-32s-cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*
arista7050qx-32s-cpe:2.3:h:arista:7050qx-32s:-:*:*:*:*:*:*:*
arista7050qx2-32s-cpe:2.3:h:arista:7050qx2-32s:-:*:*:*:*:*:*:*
arista7050sx-128-cpe:2.3:h:arista:7050sx-128:-:*:*:*:*:*:*:*
arista7050sx-64-cpe:2.3:h:arista:7050sx-64:-:*:*:*:*:*:*:*
arista7050sx-72q-cpe:2.3:h:arista:7050sx-72q:-:*:*:*:*:*:*:*
arista7050sx2-128-cpe:2.3:h:arista:7050sx2-128:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 771

CNA Affected

[
  {
    "vendor": "Arista Networks",
    "product": "EOS",
    "versions": [
      {
        "version": "4.22",
        "status": "affected"
      },
      {
        "version": "4.27.1",
        "status": "affected",
        "lessThanOrEqual": "4.27.0",
        "versionType": "custom"
      },
      {
        "version": "4.26.4",
        "status": "affected",
        "lessThanOrEqual": "4.26.0",
        "versionType": "custom"
      },
      {
        "version": "4.25.6",
        "status": "affected",
        "lessThanOrEqual": "4.25.0",
        "versionType": "custom"
      },
      {
        "version": "4.24.8",
        "status": "affected",
        "lessThanOrEqual": "4.24.0",
        "versionType": "custom"
      },
      {
        "version": "4.23.10",
        "status": "affected",
        "lessThanOrEqual": "4.23.0",
        "versionType": "custom"
      }
    ]
  }
]

Related

arista 1
cvelist 1
prion 1
nvd 1
arista
arista
Security Advisory 0076
2022-04-26 00:00:00
cvelist
cvelist
CVE-2021-28510 For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.
2023-01-24 00:00:00
prion
prion
Code injection
2023-01-26 21:15:00
nvd
nvd
CVE-2021-28510
2023-01-26 21:15:22

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

37.4%

JSON
Related for CVE-2021-28510
arista1cvelist1prion1nvd1