CVE-2021-28511 This advisory documents the impact of an internally found vulnerability in Arista EOS for security ACL bypass. The impact of this vulnerability is that the security ACL drop rule might be bypassed if a NAT ACL rule filter with permit action matches t ...

🗓️ 05 Aug 2022 16:47:31Reported by AristaType

Impact of Arista EOS vulnerability in security ACL bypas

Reporter	Title	Published	Views	Family All 9
Arista	Security Advisory 0078	19 Jul 202200:00	–	arista
CNNVD	Arista Networks Arista EOS 安全漏洞	5 Aug 202200:00	–	cnnvd
CVE	CVE-2021-28511	5 Aug 202216:47	–	cve
EUVD	EUVD-2021-15187	7 Oct 202500:30	–	euvd
NVD	CVE-2021-28511	5 Aug 202217:15	–	nvd
OSV	CVE-2021-28511	5 Aug 202217:15	–	osv
Prion	Design/Logic Flaw	5 Aug 202217:15	–	prion
Positive Technologies	PT-2022-9903 · Arista · Arista Eos	19 Jul 202200:00	–	ptsecurity
Vulnrichment	CVE-2021-28511 This advisory documents the impact of an internally found vulnerability in Arista EOS for security ACL bypass. The impact of this vulnerability is that the security ACL drop rule might be bypassed if a NAT ACL rule filter with permit action matches t ...	5 Aug 202216:47	–	vulnrichment

[
  {
    "product": "EOS",
    "vendor": "Arista Networks",
    "versions": [
      {
        "lessThanOrEqual": "4.24.9",
        "status": "affected",
        "version": "4.24.0",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "4.25.8",
        "status": "affected",
        "version": "4.25.0",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "4.26.5",
        "status": "affected",
        "version": "4.26.0",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "4.27.3",
        "status": "affected",
        "version": "4.27.0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
arista	www.arista.com/en/support/advisories-notices/security-advisory/15862-security-advisory-0078

05 Aug 2022 16:47Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.15.8

EPSS0.00493

CWE-284