Описание
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.
Уязвимые конфигурации
Конфигурация 1Версия от 4.26 (включая) до 4.26.4m (исключая)Версия от 4.27 (включая) до 4.27.1f (исключая)
Одновременно
Одно из
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:arista:ccs-710p-12:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:ccs-710p-16p:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:ccs-720xp-24y6:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:ccs-720xp-24zy4:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:ccs-720xp-48y6:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:ccs-720xp-48zc2:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:ccs-720xp-96zc2:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:ccs-722xpm-48y4:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:ccs-722xpm-48zy8:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:dcs-7010tx-48:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:dcs-7050cx3-32s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:dcs-7050cx3m-32s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:dcs-7050sx3-48c8:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:dcs-7050sx3-48yc12:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:dcs-7050sx3-48yc8:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:dcs-7050sx3-96yc8:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:dcs-7050tx3-48c8:-:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.00203
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-284
CWE-863
Связанные уязвимости
CVSS3: 7.5
github
почти 4 года назад
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.
EPSS
Процентиль: 42%
0.00203
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-284
CWE-863