exploitDog

CVE-2021-28510

Опубликовано: 26 янв. 2023

Источник: nvd

CVSS3: 5.3

CVSS3: 7.5

EPSS Низкий

Описание

For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.

Ссылки

https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076
Exploit
Mitigation
Vendor Advisory
https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076
Exploit
Mitigation
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*

Версия до 4.23.10 (исключая)

cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*

Версия от 4.24.0 (включая) до 4.24.8 (исключая)

cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*

Версия от 4.25.0 (включая) до 4.25.6 (исключая)

cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*

Версия от 4.26.0 (включая) до 4.26.4 (исключая)

cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*

Версия от 4.27.0 (включая) до 4.27.1 (исключая)

Одно из

cpe:2.3:h:arista:7020r:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050qx-32s:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050qx2-32s:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050sx-128:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050sx-64:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050sx-72q:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050sx2-128:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050sx2-72q:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050tx-48:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050tx-64:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050tx-72q:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050tx2-128:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7060cx-32s:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7060cx2-32s:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7060dx4-32:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7060px4-32:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7060sx2-48yc6:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7150s-24:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7150s-52:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7150s-64:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7150sc-24:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7150sc-64:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7170-32c:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7170-32cd:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7170-64c:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:720xp-24y6:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:720xp-24zy4:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:720xp-48y6:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:720xp-48zc2:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:720xp-96zc2:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7250qx-64:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7260cx:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7260cx3:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7260cx3-64:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7260qx:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7280e:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7280r:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7280r2:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7300x-32q:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7300x-64s:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7300x-64t:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7300x3-32c:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7300x3-48yc4:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7304x3:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7308x3:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7320x-32c:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7324x:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7328x:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7368x4:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7500e:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7500r:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7500r2:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7500r3:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7504r3:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7508r3:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7512r3:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7804r3:-:*:*:*:*:*:*:*

cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00566

Низкий

5.3 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-400

CWE-1284

Связанные уязвимости

GHSA-c5c5-rwc6-67m5

CVSS3: 7.5

github

около 3 лет назад

For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.

EPSS

Процентиль: 68%

0.00566

Низкий

5.3 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-400

CWE-1284