Eos@* Security Vulnerabilities and Issues — Eos@* CVE List

Lucene search

AristaEos*

9 matches found

CVE•added 2022/02/04 11:15 p.m.•160 views

CVE-2021-28503

The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user credentials when certificate based authentication is used, which allows remote attackers to access the device via eAPI.

9.8CVSS8.8AI score0.00445EPSS

CVE•added 2022/04/01 11:15 p.m.•88 views

CVE-2021-28504

On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules ( rules declared after it in ACL ) do not match on IP protocol field as expected.

7.5CVSS7.5AI score0.00184EPSS

CVE•added 2022/04/14 9:15 p.m.•58 views

CVE-2021-28505

On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.

7.5CVSS7.5AI score0.00203EPSS

CVE•added 2022/08/05 5:15 p.m.•54 views

CVE-2021-28511

This advisory documents the impact of an internally found vulnerability in Arista EOS for security ACL bypass. The impact of this vulnerability is that the security ACL drop rule might be bypassed if a NAT ACL rule filter with permit action matches the packet flow. This could allow a host with an I...

6.5CVSS6.1AI score0.0006EPSS

CVE•added 2022/01/14 8:15 p.m.•47 views

CVE-2021-28500

An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.

9.1CVSS7.7AI score0.00312EPSS

CVE•added 2022/01/14 8:15 p.m.•46 views

CVE-2021-28506

An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device.

9.4CVSS9.4AI score0.00279EPSS

CVE•added 2022/05/26 8:15 p.m.•44 views

CVE-2021-28508

This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to ot...

6.8CVSS6.2AI score0.0015EPSS

CVE•added 2022/05/26 8:15 p.m.•43 views

CVE-2021-28509

6.1CVSS6.2AI score0.00142EPSS

CVE•added 2022/01/14 8:15 p.m.•32 views

CVE-2021-28507

An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfig gNOI and OpenConfig RESTCONF might be bypassed, which results in the denied requests being forwarded to the agent.

7.1CVSS6.1AI score0.00141EPSS