Severity: 7.5
CWE: 863, 284

CVE-2021-28504: On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules ( rules declared after it in ACL ) do not match on IP protocol fi ...

First published: Fri Apr 01 2022

On Arista Strata family products with the “TCAM profile” feature enabled, when a port IPv4 access-list has a rule that matches on “vxlan” as the protocol, that rule and all subsequent rules (rules declared after it in the ACL) do not match on the IP protocol field as expected.

Credit: psirt@arista.com

| Affected Software | Affected Version | How to fix |
|---|---|---|
| Arista EOS | >=4.26 <4.26.4m | |
| Arista EOS | >=4.27 <4.27.1f | |
| Arista Ccs-710p-12 | | |
| Arista Ccs-710p-16p | | |
| Arista Ccs-720xp-24y6 | | |
| Arista Ccs-720xp-24zy4 | | |
| Arista Ccs-720xp-48y6 | | |
| Arista Ccs-720xp-48zc2 | | |
| Arista Ccs-720xp-96zc2 | | |
| Arista Ccs-722xpm-48y4 | | |
| Arista Ccs-722xpm-48zy8 | | |
| Arista Dcs-7010tx-48 | | |
| Arista Dcs-7050cx3-32s | | |
| Arista Dcs-7050cx3m-32s | | |
| Arista Dcs-7050sx3-48c8 | | |
| Arista Dcs-7050sx3-48yc12 | | |
| Arista Dcs-7050sx3-48yc8 | | |
| Arista Dcs-7050sx3-96yc8 | | |
| Arista Dcs-7050tx3-48c8 | | |

Remedy

The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. CVE-2021-28504 has been fixed in the following releases:

  • 4.26.4F and later releases in the 4.26.x train

  • 4.27.1M and later releases in the 4.27.x train


Frequently Asked Questions

  • What is the vulnerability ID for this Arista Strata family products vulnerability?

    The vulnerability ID for this Arista Strata family products vulnerability is CVE-2021-28504.

  • How does the vulnerability impact Arista Strata family products?

    The vulnerability impacts Arista Strata family products with the "TCAM profile" feature enabled.

  • Which version of Arista EOS is affected by this vulnerability?

    The vulnerability affects Arista EOS versions 4.26 to 4.26.4m and 4.27 to 4.27.1f.

  • What is the severity of CVE-2021-28504?

    The severity of CVE-2021-28504 is high, with a severity value of 7.5.

  • How can I fix this vulnerability?

    To fix this vulnerability, update your Arista EOS software to a version that is not vulnerable.
