1. Home
  2. CVE Database
  3. CVE-2021-28505
HIGH · 7.5

CVE-2021-28505

On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access ...

Vulnerability Description

On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
AristaEos>= 4.26, < 4.26.4m
AristaCcs-710P-12-
AristaCcs-710P-16P-
AristaCcs-720Xp-24Y6-
AristaCcs-720Xp-24Zy4-
AristaCcs-720Xp-48Y6-
AristaCcs-720Xp-48Zc2-
AristaCcs-720Xp-96Zc2-
AristaCcs-722Xpm-48Y4-
AristaCcs-722Xpm-48Zy8-
AristaDcs-7010Tx-48-
AristaDcs-7050Cx3-32S-
AristaDcs-7050Cx3M-32S-
AristaDcs-7050Sx3-48C8-
AristaDcs-7050Sx3-48Yc12-
AristaDcs-7050Sx3-48Yc8-
AristaDcs-7050Sx3-96Yc8-
AristaDcs-7050Tx3-48C8-

Related Weaknesses (CWE)

CWE-284CWE-863

References

FAQ

What is CVE-2021-28505?

CVE-2021-28505 is a vulnerability with a CVSS score of 7.5 (HIGH). On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access ...

How severe is CVE-2021-28505?

CVE-2021-28505 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-28505?

Check the references section above for vendor advisories and patch information. Affected products include: Arista Eos, Arista Ccs-710P-12, Arista Ccs-710P-16P, Arista Ccs-720Xp-24Y6, Arista Ccs-720Xp-24Zy4.