CVE-2021-28509 - Vulnerability Details

Vendors	Products
Arista	7050cx3-32s 7050cx3m-32s 7050sx3-48c8 7050sx3-48yc 7050sx3-48yc12 7050sx3-48yc8 7050sx3-96yc8 7050tx3-48c8 7280cr2ak-30 7280cr2k-60 7280cr3-32d4 7280cr3-32p4 7280cr3-96 7280cr3k-32d4 7280cr3k-32p4 7280cr3k-96 7280dr3-24 7280dr3k-24 7280pr3-24 7280pr3k-24 7280r2 7280r3 7280sr3-48yc8 7280sr3k-48yc8 7388x5 7500r2 7500r3 7500r3-24d 7500r3-24p 7500r3-36cq 7500r3k-36cq 7800r3-36p 7800r3-48cq 7800r3k-48cq Ccs-722xpm-48y4 Ccs-722xpm-48zy8 Dcs-7050cx3-32s Dcs-7050cx3-32s-r Dcs-7050cx3m-32s Dcs-7050sx3-48c8 Dcs-7050sx3-48yc12 Dcs-7050sx3-48yc8 Dcs-7050sx3-96yc8 Eos Terminattr

Link	Providers
https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Arista EOS", "vendor": "Arista Networks", "versions": [{"lessThanOrEqual": "4.23.11", "status": "affected", "version": "4.23", "versionType": "custom"}, {"lessThanOrEqual": "4.24.9", "status": "affected", "version": "4.24", "versionType": "custom"}, {"lessThanOrEqual": "4.25.7", "status": "affected", "version": "4.25", "versionType": "custom"}, {"lessThanOrEqual": "4.26.5", "status": "affected", "version": "4.26", "versionType": "custom"}, {"lessThanOrEqual": "4.27.3", "status": "affected", "version": "4.27", "versionType": "custom"}]}, {"product": "Arista TerminAttr", "vendor": "Arista Networks", "versions": [{"lessThanOrEqual": "v1.10.10", "status": "affected", "version": "v1.10", "versionType": "custom"}, {"lessThanOrEqual": "v1.16.7", "status": "affected", "version": "v1.16", "versionType": "custom"}, {"lessThanOrEqual": "v1.19.1", "status": "affected", "version": "v1.19", "versionType": "custom"}]}], "datePublic": "2022-05-25T00:00:00", "descriptions": [{"lang": "en", "value": "This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-255", "description": "CWE-255 Credentials Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-05-26T19:50:36", "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"}], "solutions": [{"lang": "en", "value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience.\n\nThe vulnerability is fixed in the following versions:\n\nEOS versions:\n   4.24.10 and later release in the 4.24.x train\n   4.25.8 and later releases in the 4.25.x train\n   4.26.6 and later releases in the 4.26.x train\n   4.27.4 and later releases in the 4.27.x train\nTerminAttr versions:\n   TerminAttr v1.10.11 and later releases in the v1.10.x train\n   TerminAttr v1.16.8 and later releases in the v1.16.x train\n   TerminAttr v1.19.2 and later releases"}], "source": {"advisory": "Security Advisory 0077", "defect": ["CVE-2021-28509"], "discovery": "INTERNAL"}, "title": "TerminAttr streams MACsec sensitive data in clear text to other authorized users in CVP", "workarounds": [{"lang": "en", "value": "On the affected versions, the vulnerabilities can be mitigated by disabling TerminAttr agent."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@arista.com", "DATE_PUBLIC": "2022-05-25T16:10:00.000Z", "ID": "CVE-2021-28509", "STATE": "PUBLIC", "TITLE": "TerminAttr streams MACsec sensitive data in clear text to other authorized users in CVP"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Arista EOS", "version": {"version_data": [{"version_affected": "<=", "version_name": "4.23", "version_value": "4.23.11"}, {"version_affected": "<=", "version_name": "4.24", "version_value": "4.24.9"}, {"version_affected": "<=", "version_name": "4.25", "version_value": "4.25.7"}, {"version_affected": "<=", "version_name": "4.26", "version_value": "4.26.5"}, {"version_affected": "<=", "version_name": "4.27", "version_value": "4.27.3"}]}}, {"product_name": "Arista TerminAttr", "version": {"version_data": [{"version_affected": "<=", "version_name": "v1.10", "version_value": "v1.10.10"}, {"version_affected": "<=", "version_name": "v1.16", "version_value": "v1.16.7"}, {"version_affected": "<=", "version_name": "v1.19", "version_value": "v1.19.1"}]}}]}, "vendor_name": "Arista Networks"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-255 Credentials Management"}]}]}, "references": {"reference_data": [{"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077", "refsource": "MISC", "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"}]}, "solution": [{"lang": "en", "value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience.\n\nThe vulnerability is fixed in the following versions:\n\nEOS versions:\n   4.24.10 and later release in the 4.24.x train\n   4.25.8 and later releases in the 4.25.x train\n   4.26.6 and later releases in the 4.26.x train\n   4.27.4 and later releases in the 4.27.x train\nTerminAttr versions:\n   TerminAttr v1.10.11 and later releases in the v1.10.x train\n   TerminAttr v1.16.8 and later releases in the v1.16.x train\n   TerminAttr v1.19.2 and later releases"}], "source": {"advisory": "Security Advisory 0077", "defect": ["CVE-2021-28509"], "discovery": "INTERNAL"}, "work_around": [{"lang": "en", "value": "On the affected versions, the vulnerabilities can be mitigated by disabling TerminAttr agent."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T21:47:32.596Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"}]}]}, "cveMetadata": {"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "assignerShortName": "Arista", "cveId": "CVE-2021-28509", "datePublished": "2022-05-26T19:50:36.432905Z", "dateReserved": "2021-03-16T00:00:00", "dateUpdated": "2024-09-16T20:32:30.399Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Arista EOS (string)

vendor : Arista Networks (string)

versions : [ »

0 : { »

lessThanOrEqual : 4.23.11 (string)

status : affected (string)

version : 4.23 (string)

versionType : custom (string)

}

1 : { »

lessThanOrEqual : 4.24.9 (string)

status : affected (string)

version : 4.24 (string)

versionType : custom (string)

}

2 : { »

lessThanOrEqual : 4.25.7 (string)

status : affected (string)

version : 4.25 (string)

versionType : custom (string)

}

3 : { »

lessThanOrEqual : 4.26.5 (string)

status : affected (string)

version : 4.26 (string)

versionType : custom (string)

}

4 : { »

lessThanOrEqual : 4.27.3 (string)

status : affected (string)

version : 4.27 (string)

versionType : custom (string)

}

]

}

1 : { »

product : Arista TerminAttr (string)

vendor : Arista Networks (string)

versions : [ »

0 : { »

lessThanOrEqual : v1.10.10 (string)

status : affected (string)

version : v1.10 (string)

versionType : custom (string)

}

1 : { »

lessThanOrEqual : v1.16.7 (string)

status : affected (string)

version : v1.16 (string)

versionType : custom (string)

}

2 : { »

lessThanOrEqual : v1.19.1 (string)

status : affected (string)

version : v1.19 (string)

versionType : custom (string)

}

]

}

]

datePublic : 2022-05-25T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device. (string)

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 6.1 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : HIGH (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N (string)

version : 3.1 (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

cweId : CWE-255 (string)

description : CWE-255 Credentials Management (string)

lang : en (string)

type : CWE (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2022-05-26T19:50:36 (string)

orgId : c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7 (string)

shortName : Arista (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077 (string)

}

]

solutions : [ »

0 : { »

lang : en (string)

value : The recommended resolution is to upgrade to a remediated software version at your earliest convenience. The vulnerability is fixed in the following versions: EOS versions: 4.24.10 and later release in the 4.24.x train 4.25.8 and later releases in the 4.25.x train 4.26.6 and later releases in the 4.26.x train 4.27.4 and later releases in the 4.27.x train TerminAttr versions: TerminAttr v1.10.11 and later releases in the v1.10.x train TerminAttr v1.16.8 and later releases in the v1.16.x train TerminAttr v1.19.2 and later releases (string)

}

]

source : { »

advisory : Security Advisory 0077 (string)

defect : [ »

0 : CVE-2021-28509 (string)

]

discovery : INTERNAL (string)

}

title : TerminAttr streams MACsec sensitive data in clear text to other authorized users in CVP (string)

workarounds : [ »

0 : { »

lang : en (string)

value : On the affected versions, the vulnerabilities can be mitigated by disabling TerminAttr agent. (string)

}

]

x_generator : { »

engine : Vulnogram 0.0.9 (string)

}

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@arista.com (string)

DATE_PUBLIC : 2022-05-25T16:10:00.000Z (string)

ID : CVE-2021-28509 (string)

STATE : PUBLIC (string)

TITLE : TerminAttr streams MACsec sensitive data in clear text to other authorized users in CVP (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Arista EOS (string)

version : { »

version_data : [ »

0 : { »

version_affected : <= (string)

version_name : 4.23 (string)

version_value : 4.23.11 (string)

}

1 : { »

version_affected : <= (string)

version_name : 4.24 (string)

version_value : 4.24.9 (string)

}

2 : { »

version_affected : <= (string)

version_name : 4.25 (string)

version_value : 4.25.7 (string)

}

3 : { »

version_affected : <= (string)

version_name : 4.26 (string)

version_value : 4.26.5 (string)

}

4 : { »

version_affected : <= (string)

version_name : 4.27 (string)

version_value : 4.27.3 (string)

}

]

}

1 : { »

product_name : Arista TerminAttr (string)

version : { »

version_data : [ »

0 : { »

version_affected : <= (string)

version_name : v1.10 (string)

version_value : v1.10.10 (string)

}

1 : { »

version_affected : <= (string)

version_name : v1.16 (string)

version_value : v1.16.7 (string)

}

2 : { »

version_affected : <= (string)

version_name : v1.19 (string)

version_value : v1.19.1 (string)

}

]

}

]

}

vendor_name : Arista Networks (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device. (string)

}

]

}

generator : { »

engine : Vulnogram 0.0.9 (string)

}

impact : { »

cvss : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 6.1 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : HIGH (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N (string)

version : 3.1 (string)

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : CWE-255 Credentials Management (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077 (string)

refsource : MISC (string)

url : https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077 (string)

}

]

}

solution : [ »

0 : { »

lang : en (string)

value : The recommended resolution is to upgrade to a remediated software version at your earliest convenience. The vulnerability is fixed in the following versions: EOS versions: 4.24.10 and later release in the 4.24.x train 4.25.8 and later releases in the 4.25.x train 4.26.6 and later releases in the 4.26.x train 4.27.4 and later releases in the 4.27.x train TerminAttr versions: TerminAttr v1.10.11 and later releases in the v1.10.x train TerminAttr v1.16.8 and later releases in the v1.16.x train TerminAttr v1.19.2 and later releases (string)

}

]

source : { »

advisory : Security Advisory 0077 (string)

defect : [ »

0 : CVE-2021-28509 (string)

]

discovery : INTERNAL (string)

}

work_around : [ »

0 : { »

lang : en (string)

value : On the affected versions, the vulnerabilities can be mitigated by disabling TerminAttr agent. (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T21:47:32.596Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7 (string)

assignerShortName : Arista (string)

cveId : CVE-2021-28509 (string)

datePublished : 2022-05-26T19:50:36.432905Z (string)

dateReserved : 2021-03-16T00:00:00 (string)

dateUpdated : 2024-09-16T20:32:30.399Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5", "versionEndExcluding": "1.10.11", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7", "versionEndExcluding": "1.16.8", "versionStartIncluding": "1.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "A5302364-97A9-470A-A2CE-B12B51DAF845", "versionEndExcluding": "1.19.2", "versionStartIncluding": "1.17.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2", "versionEndIncluding": "4.23.11", "versionStartIncluding": "4.23", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389", "versionEndExcluding": "4.24.10", "versionStartIncluding": "4.24", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51", "versionEndExcluding": "4.25.8", "versionStartIncluding": "4.25", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243", "versionEndExcluding": "4.26.6", "versionStartIncluding": "4.26", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C", "versionEndExcluding": "4.27.4", "versionStartIncluding": "4.27", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arista:ccs-722xpm-48y4:-:*:*:*:*:*:*:*", "matchCriteriaId": "074CBF00-1D2C-4388-874A-62453B1D4564", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:ccs-722xpm-48zy8:-:*:*:*:*:*:*:*", "matchCriteriaId": "D15C1D00-5F35-4F67-8075-D84D3BD9CE73", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5", "versionEndExcluding": "1.10.11", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7", "versionEndExcluding": "1.16.8", "versionStartIncluding": "1.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "A5302364-97A9-470A-A2CE-B12B51DAF845", "versionEndExcluding": "1.19.2", "versionStartIncluding": "1.17.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2", "versionEndIncluding": "4.23.11", "versionStartIncluding": "4.23", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389", "versionEndExcluding": "4.24.10", "versionStartIncluding": "4.24", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51", "versionEndExcluding": "4.25.8", "versionStartIncluding": "4.25", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243", "versionEndExcluding": "4.26.6", "versionStartIncluding": "4.26", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C", "versionEndExcluding": "4.27.4", "versionStartIncluding": "4.27", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "E1FF0290-C671-4ABC-8A12-05E4D55FC4AE", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "828C6E4F-814A-4060-8F5E-7FF359C8739C", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE35C17F-0C60-4A40-9949-D4C5D94D1D7A", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "07BA078E-30B7-4E2C-B240-BF64E98143E9", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBFD0706-CACB-40FA-A41B-46B39C6E1D33", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*", "matchCriteriaId": "5951D243-CB68-4B41-A913-D879CE502795", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*", "matchCriteriaId": "73156612-D338-4E20-8C82-0E65DAA72331", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*", "matchCriteriaId": "388C57D8-4B3C-4E5D-84AA-0CB7506F825A", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7050cx3-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7C133EA-753A-4770-AEF8-11AC8E901F1A", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7050cx3-32s-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6F270D9-1B05-4CBC-BEE0-0850C94BB9F0", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7050cx3m-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D11D6B9-1E68-4A65-A9CD-8DD299EC6B25", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7050sx3-48c8:-:*:*:*:*:*:*:*", "matchCriteriaId": "11B7A876-587F-4C51-BE49-C82F6508C536", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7050sx3-48yc12:-:*:*:*:*:*:*:*", "matchCriteriaId": "EEB629B5-7E62-4972-A288-EF76FFA3E441", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7050sx3-48yc8:-:*:*:*:*:*:*:*", "matchCriteriaId": "33079D44-2255-4682-A4BC-4B071D8EDCFA", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7050sx3-96yc8:-:*:*:*:*:*:*:*", "matchCriteriaId": "69F1C5CA-19D7-4F40-93EB-97F44DCD5DCB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5", "versionEndExcluding": "1.10.11", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7", "versionEndExcluding": "1.16.8", "versionStartIncluding": "1.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "A5302364-97A9-470A-A2CE-B12B51DAF845", "versionEndExcluding": "1.19.2", "versionStartIncluding": "1.17.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2", "versionEndIncluding": "4.23.11", "versionStartIncluding": "4.23", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389", "versionEndExcluding": "4.24.10", "versionStartIncluding": "4.24", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51", "versionEndExcluding": "4.25.8", "versionStartIncluding": "4.25", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243", "versionEndExcluding": "4.26.6", "versionStartIncluding": "4.26", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C", "versionEndExcluding": "4.27.4", "versionStartIncluding": "4.27", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arista:7280cr2ak-30:-:*:*:*:*:*:*:*", "matchCriteriaId": "99506386-8D68-46F4-AEA9-4C16C16545B9", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280cr2k-60:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F569286-C19F-48CB-AB24-89C4A1EB6F81", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FEC18B3-7980-4EBF-8E15-F8E92DADD062", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:*", "matchCriteriaId": "87E85F7C-F33B-49C1-A526-ACC1BEF3B65C", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E54F451-CA87-4F32-A088-AE18123CE07A", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280cr3k-32d4:-:*:*:*:*:*:*:*", "matchCriteriaId": "16CB1780-6DEC-4140-A771-9139C77A8A88", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280cr3k-32p4:-:*:*:*:*:*:*:*", "matchCriteriaId": "11DE9CB6-4453-4EED-B7FC-6374F9225B83", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280cr3k-96:-:*:*:*:*:*:*:*", "matchCriteriaId": "A98C94CB-7DFC-4CAC-9D98-B3E80BF1EE56", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "85D9E9FF-564E-4B16-8070-33A366F48FE9", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280dr3k-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "56AF4A54-7568-4FE0-BE5F-02BD9FADDCE5", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "F14163D2-B236-4C78-9DB4-97DE6D996EBC", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280pr3k-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "4057906A-B27B-4B53-97F6-3F5F35794990", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280r2:-:*:*:*:*:*:*:*", "matchCriteriaId": "21CB1AAF-FC82-4A80-9932-42E8EFA3906A", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*", "matchCriteriaId": "60FC964C-9835-443A-A584-3A5D6022E914", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*", "matchCriteriaId": "8143579F-AD53-4D74-AE3E-4D465DCD7A57", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:*", "matchCriteriaId": "79AB0F1D-ACCA-490C-96F2-FC23A8611CB8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5", "versionEndExcluding": "1.10.11", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7", "versionEndExcluding": "1.16.8", "versionStartIncluding": "1.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "A5302364-97A9-470A-A2CE-B12B51DAF845", "versionEndExcluding": "1.19.2", "versionStartIncluding": "1.17.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2", "versionEndIncluding": "4.23.11", "versionStartIncluding": "4.23", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389", "versionEndExcluding": "4.24.10", "versionStartIncluding": "4.24", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51", "versionEndExcluding": "4.25.8", "versionStartIncluding": "4.25", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243", "versionEndExcluding": "4.26.6", "versionStartIncluding": "4.26", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C", "versionEndExcluding": "4.27.4", "versionStartIncluding": "4.27", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arista:7500r2:-:*:*:*:*:*:*:*", "matchCriteriaId": "583725F6-8583-425C-A847-700DBB9169E7", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7500r3:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C6A4B3C-FF12-4DCD-9945-8450AD0BDEED", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE1BB565-2668-4242-8A00-5CC9C30B9AC9", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*", "matchCriteriaId": "15F1A605-8836-4A64-AC5E-ADAB34F8F104", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE8A047A-9FD9-4AE1-9E47-457A46BAE3A4", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*", "matchCriteriaId": "019B0670-389B-4A4E-8C72-52202E3AA8EF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5", "versionEndExcluding": "1.10.11", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7", "versionEndExcluding": "1.16.8", "versionStartIncluding": "1.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "A5302364-97A9-470A-A2CE-B12B51DAF845", "versionEndExcluding": "1.19.2", "versionStartIncluding": "1.17.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2", "versionEndIncluding": "4.23.11", "versionStartIncluding": "4.23", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389", "versionEndExcluding": "4.24.10", "versionStartIncluding": "4.24", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51", "versionEndExcluding": "4.25.8", "versionStartIncluding": "4.25", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243", "versionEndExcluding": "4.26.6", "versionStartIncluding": "4.26", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C", "versionEndExcluding": "4.27.4", "versionStartIncluding": "4.27", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*", "matchCriteriaId": "D19E86BF-AA91-4262-8EF9-B7FC48C6F3F8", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*", "matchCriteriaId": "58443CDE-33D8-4460-A861-CDC07431AA22", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*", "matchCriteriaId": "64BE8C68-FE98-4162-A3D3-54494D5444F5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5", "versionEndExcluding": "1.10.11", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7", "versionEndExcluding": "1.16.8", "versionStartIncluding": "1.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*", "matchCriteriaId": "A5302364-97A9-470A-A2CE-B12B51DAF845", "versionEndExcluding": "1.19.2", "versionStartIncluding": "1.17.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2", "versionEndIncluding": "4.23.11", "versionStartIncluding": "4.23", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389", "versionEndExcluding": "4.24.10", "versionStartIncluding": "4.24", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51", "versionEndExcluding": "4.25.8", "versionStartIncluding": "4.25", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243", "versionEndExcluding": "4.26.6", "versionStartIncluding": "4.26", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C", "versionEndExcluding": "4.27.4", "versionStartIncluding": "4.27", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arista:7388x5:-:*:*:*:*:*:*:*", "matchCriteriaId": "B66E706E-56FB-4A49-BD90-76A8CB6BE391", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device."}, {"lang": "es", "value": "Este aviso documenta el impacto de una vulnerabilidad encontrada internamente en los protocolos de transporte TerminAttr y OpenConfig del agente de telemetr\u00eda de transmisi\u00f3n de estados de Arista EOS. El impacto de esta vulnerabilidad es que, en determinadas condiciones, TerminAttr podr\u00eda filtrar datos confidenciales MACsec en texto sin cifrar en CVP a otros usuarios autorizados, lo que podr\u00eda causar que el tr\u00e1fico MACsec sea descifrado o modificado por otros usuarios autorizados en el dispositivo"}], "id": "CVE-2021-28509", "lastModified": "2024-11-21T05:59:48.463", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.2, "source": "psirt@arista.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-05-26T20:15:08.500", "references": [{"source": "psirt@arista.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"}], "sourceIdentifier": "psirt@arista.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-255"}], "source": "psirt@arista.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-319"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D3871AE3-43FC-4004-ACBD-8460FB89DED5 (string)

versionEndExcluding : 1.10.11 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FC2E40AC-033C-4A35-AE27-6429B1DF27E7 (string)

versionEndExcluding : 1.16.8 (string)

versionStartIncluding : 1.11.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A5302364-97A9-470A-A2CE-B12B51DAF845 (string)

versionEndExcluding : 1.19.2 (string)

versionStartIncluding : 1.17.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 16525FC4-B685-49F7-A4D1-6581E27A1FE2 (string)

versionEndIncluding : 4.23.11 (string)

versionStartIncluding : 4.23 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BC54BB20-D62F-476D-8A15-8F4D3B8AF389 (string)

versionEndExcluding : 4.24.10 (string)

versionStartIncluding : 4.24 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AD6AD50F-4318-4F22-A5F2-AC4A62156A51 (string)

versionEndExcluding : 4.25.8 (string)

versionStartIncluding : 4.25 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 69E76257-58E0-49F3-BE6E-063F6B061243 (string)

versionEndExcluding : 4.26.6 (string)

versionStartIncluding : 4.26 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C (string)

versionEndExcluding : 4.27.4 (string)

versionStartIncluding : 4.27 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:arista:ccs-722xpm-48y4:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 074CBF00-1D2C-4388-874A-62453B1D4564 (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:arista:ccs-722xpm-48zy8:-:*:*:*:*:*:*:* (string)

matchCriteriaId : D15C1D00-5F35-4F67-8075-D84D3BD9CE73 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D3871AE3-43FC-4004-ACBD-8460FB89DED5 (string)

versionEndExcluding : 1.10.11 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FC2E40AC-033C-4A35-AE27-6429B1DF27E7 (string)

versionEndExcluding : 1.16.8 (string)

versionStartIncluding : 1.11.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A5302364-97A9-470A-A2CE-B12B51DAF845 (string)

versionEndExcluding : 1.19.2 (string)

versionStartIncluding : 1.17.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 16525FC4-B685-49F7-A4D1-6581E27A1FE2 (string)

versionEndIncluding : 4.23.11 (string)

versionStartIncluding : 4.23 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BC54BB20-D62F-476D-8A15-8F4D3B8AF389 (string)

versionEndExcluding : 4.24.10 (string)

versionStartIncluding : 4.24 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AD6AD50F-4318-4F22-A5F2-AC4A62156A51 (string)

versionEndExcluding : 4.25.8 (string)

versionStartIncluding : 4.25 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 69E76257-58E0-49F3-BE6E-063F6B061243 (string)

versionEndExcluding : 4.26.6 (string)

versionStartIncluding : 4.26 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C (string)

versionEndExcluding : 4.27.4 (string)

versionStartIncluding : 4.27 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:* (string)

matchCriteriaId : E1FF0290-C671-4ABC-8A12-05E4D55FC4AE (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 828C6E4F-814A-4060-8F5E-7FF359C8739C (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:* (string)

matchCriteriaId : FE35C17F-0C60-4A40-9949-D4C5D94D1D7A (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 07BA078E-30B7-4E2C-B240-BF64E98143E9 (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:* (string)

matchCriteriaId : EBFD0706-CACB-40FA-A41B-46B39C6E1D33 (string)

vulnerable : false (boolean)

}

5 : { »

criteria : cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 5951D243-CB68-4B41-A913-D879CE502795 (string)

vulnerable : false (boolean)

}

6 : { »

criteria : cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 73156612-D338-4E20-8C82-0E65DAA72331 (string)

vulnerable : false (boolean)

}

7 : { »

criteria : cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 388C57D8-4B3C-4E5D-84AA-0CB7506F825A (string)

vulnerable : false (boolean)

}

8 : { »

criteria : cpe:2.3:h:arista:dcs-7050cx3-32s:-:*:*:*:*:*:*:* (string)

matchCriteriaId : E7C133EA-753A-4770-AEF8-11AC8E901F1A (string)

vulnerable : false (boolean)

}

9 : { »

criteria : cpe:2.3:h:arista:dcs-7050cx3-32s-r:-:*:*:*:*:*:*:* (string)

matchCriteriaId : E6F270D9-1B05-4CBC-BEE0-0850C94BB9F0 (string)

vulnerable : false (boolean)

}

10 : { »

criteria : cpe:2.3:h:arista:dcs-7050cx3m-32s:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 5D11D6B9-1E68-4A65-A9CD-8DD299EC6B25 (string)

vulnerable : false (boolean)

}

11 : { »

criteria : cpe:2.3:h:arista:dcs-7050sx3-48c8:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 11B7A876-587F-4C51-BE49-C82F6508C536 (string)

vulnerable : false (boolean)

}

12 : { »

criteria : cpe:2.3:h:arista:dcs-7050sx3-48yc12:-:*:*:*:*:*:*:* (string)

matchCriteriaId : EEB629B5-7E62-4972-A288-EF76FFA3E441 (string)

vulnerable : false (boolean)

}

13 : { »

criteria : cpe:2.3:h:arista:dcs-7050sx3-48yc8:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 33079D44-2255-4682-A4BC-4B071D8EDCFA (string)

vulnerable : false (boolean)

}

14 : { »

criteria : cpe:2.3:h:arista:dcs-7050sx3-96yc8:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 69F1C5CA-19D7-4F40-93EB-97F44DCD5DCB (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D3871AE3-43FC-4004-ACBD-8460FB89DED5 (string)

versionEndExcluding : 1.10.11 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FC2E40AC-033C-4A35-AE27-6429B1DF27E7 (string)

versionEndExcluding : 1.16.8 (string)

versionStartIncluding : 1.11.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A5302364-97A9-470A-A2CE-B12B51DAF845 (string)

versionEndExcluding : 1.19.2 (string)

versionStartIncluding : 1.17.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 16525FC4-B685-49F7-A4D1-6581E27A1FE2 (string)

versionEndIncluding : 4.23.11 (string)

versionStartIncluding : 4.23 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BC54BB20-D62F-476D-8A15-8F4D3B8AF389 (string)

versionEndExcluding : 4.24.10 (string)

versionStartIncluding : 4.24 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AD6AD50F-4318-4F22-A5F2-AC4A62156A51 (string)

versionEndExcluding : 4.25.8 (string)

versionStartIncluding : 4.25 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 69E76257-58E0-49F3-BE6E-063F6B061243 (string)

versionEndExcluding : 4.26.6 (string)

versionStartIncluding : 4.26 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C (string)

versionEndExcluding : 4.27.4 (string)

versionStartIncluding : 4.27 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:arista:7280cr2ak-30:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 99506386-8D68-46F4-AEA9-4C16C16545B9 (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:arista:7280cr2k-60:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 5F569286-C19F-48CB-AB24-89C4A1EB6F81 (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7FEC18B3-7980-4EBF-8E15-F8E92DADD062 (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 87E85F7C-F33B-49C1-A526-ACC1BEF3B65C (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 2E54F451-CA87-4F32-A088-AE18123CE07A (string)

vulnerable : false (boolean)

}

5 : { »

criteria : cpe:2.3:h:arista:7280cr3k-32d4:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 16CB1780-6DEC-4140-A771-9139C77A8A88 (string)

vulnerable : false (boolean)

}

6 : { »

criteria : cpe:2.3:h:arista:7280cr3k-32p4:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 11DE9CB6-4453-4EED-B7FC-6374F9225B83 (string)

vulnerable : false (boolean)

}

7 : { »

criteria : cpe:2.3:h:arista:7280cr3k-96:-:*:*:*:*:*:*:* (string)

matchCriteriaId : A98C94CB-7DFC-4CAC-9D98-B3E80BF1EE56 (string)

vulnerable : false (boolean)

}

8 : { »

criteria : cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 85D9E9FF-564E-4B16-8070-33A366F48FE9 (string)

vulnerable : false (boolean)

}

9 : { »

criteria : cpe:2.3:h:arista:7280dr3k-24:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 56AF4A54-7568-4FE0-BE5F-02BD9FADDCE5 (string)

vulnerable : false (boolean)

}

10 : { »

criteria : cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F14163D2-B236-4C78-9DB4-97DE6D996EBC (string)

vulnerable : false (boolean)

}

11 : { »

criteria : cpe:2.3:h:arista:7280pr3k-24:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 4057906A-B27B-4B53-97F6-3F5F35794990 (string)

vulnerable : false (boolean)

}

12 : { »

criteria : cpe:2.3:h:arista:7280r2:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 21CB1AAF-FC82-4A80-9932-42E8EFA3906A (string)

vulnerable : false (boolean)

}

13 : { »

criteria : cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 60FC964C-9835-443A-A584-3A5D6022E914 (string)

vulnerable : false (boolean)

}

14 : { »

criteria : cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 8143579F-AD53-4D74-AE3E-4D465DCD7A57 (string)

vulnerable : false (boolean)

}

15 : { »

criteria : cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 79AB0F1D-ACCA-490C-96F2-FC23A8611CB8 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

3 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D3871AE3-43FC-4004-ACBD-8460FB89DED5 (string)

versionEndExcluding : 1.10.11 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FC2E40AC-033C-4A35-AE27-6429B1DF27E7 (string)

versionEndExcluding : 1.16.8 (string)

versionStartIncluding : 1.11.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A5302364-97A9-470A-A2CE-B12B51DAF845 (string)

versionEndExcluding : 1.19.2 (string)

versionStartIncluding : 1.17.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 16525FC4-B685-49F7-A4D1-6581E27A1FE2 (string)

versionEndIncluding : 4.23.11 (string)

versionStartIncluding : 4.23 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BC54BB20-D62F-476D-8A15-8F4D3B8AF389 (string)

versionEndExcluding : 4.24.10 (string)

versionStartIncluding : 4.24 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AD6AD50F-4318-4F22-A5F2-AC4A62156A51 (string)

versionEndExcluding : 4.25.8 (string)

versionStartIncluding : 4.25 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 69E76257-58E0-49F3-BE6E-063F6B061243 (string)

versionEndExcluding : 4.26.6 (string)

versionStartIncluding : 4.26 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C (string)

versionEndExcluding : 4.27.4 (string)

versionStartIncluding : 4.27 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:arista:7500r2:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 583725F6-8583-425C-A847-700DBB9169E7 (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:arista:7500r3:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 1C6A4B3C-FF12-4DCD-9945-8450AD0BDEED (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:* (string)

matchCriteriaId : BE1BB565-2668-4242-8A00-5CC9C30B9AC9 (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 15F1A605-8836-4A64-AC5E-ADAB34F8F104 (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:* (string)

matchCriteriaId : BE8A047A-9FD9-4AE1-9E47-457A46BAE3A4 (string)

vulnerable : false (boolean)

}

5 : { »

criteria : cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 019B0670-389B-4A4E-8C72-52202E3AA8EF (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

4 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D3871AE3-43FC-4004-ACBD-8460FB89DED5 (string)

versionEndExcluding : 1.10.11 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FC2E40AC-033C-4A35-AE27-6429B1DF27E7 (string)

versionEndExcluding : 1.16.8 (string)

versionStartIncluding : 1.11.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A5302364-97A9-470A-A2CE-B12B51DAF845 (string)

versionEndExcluding : 1.19.2 (string)

versionStartIncluding : 1.17.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 16525FC4-B685-49F7-A4D1-6581E27A1FE2 (string)

versionEndIncluding : 4.23.11 (string)

versionStartIncluding : 4.23 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BC54BB20-D62F-476D-8A15-8F4D3B8AF389 (string)

versionEndExcluding : 4.24.10 (string)

versionStartIncluding : 4.24 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AD6AD50F-4318-4F22-A5F2-AC4A62156A51 (string)

versionEndExcluding : 4.25.8 (string)

versionStartIncluding : 4.25 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 69E76257-58E0-49F3-BE6E-063F6B061243 (string)

versionEndExcluding : 4.26.6 (string)

versionStartIncluding : 4.26 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C (string)

versionEndExcluding : 4.27.4 (string)

versionStartIncluding : 4.27 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:* (string)

matchCriteriaId : D19E86BF-AA91-4262-8EF9-B7FC48C6F3F8 (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 58443CDE-33D8-4460-A861-CDC07431AA22 (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 64BE8C68-FE98-4162-A3D3-54494D5444F5 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

5 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D3871AE3-43FC-4004-ACBD-8460FB89DED5 (string)

versionEndExcluding : 1.10.11 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FC2E40AC-033C-4A35-AE27-6429B1DF27E7 (string)

versionEndExcluding : 1.16.8 (string)

versionStartIncluding : 1.11.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A5302364-97A9-470A-A2CE-B12B51DAF845 (string)

versionEndExcluding : 1.19.2 (string)

versionStartIncluding : 1.17.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 16525FC4-B685-49F7-A4D1-6581E27A1FE2 (string)

versionEndIncluding : 4.23.11 (string)

versionStartIncluding : 4.23 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BC54BB20-D62F-476D-8A15-8F4D3B8AF389 (string)

versionEndExcluding : 4.24.10 (string)

versionStartIncluding : 4.24 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AD6AD50F-4318-4F22-A5F2-AC4A62156A51 (string)

versionEndExcluding : 4.25.8 (string)

versionStartIncluding : 4.25 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 69E76257-58E0-49F3-BE6E-063F6B061243 (string)

versionEndExcluding : 4.26.6 (string)

versionStartIncluding : 4.26 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C (string)

versionEndExcluding : 4.27.4 (string)

versionStartIncluding : 4.27 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:arista:7388x5:-:*:*:*:*:*:*:* (string)

matchCriteriaId : B66E706E-56FB-4A49-BD90-76A8CB6BE391 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device. (string)

}

1 : { »

lang : es (string)

value : Este aviso documenta el impacto de una vulnerabilidad encontrada internamente en los protocolos de transporte TerminAttr y OpenConfig del agente de telemetría de transmisión de estados de Arista EOS. El impacto de esta vulnerabilidad es que, en determinadas condiciones, TerminAttr podría filtrar datos confidenciales MACsec en texto sin cifrar en CVP a otros usuarios autorizados, lo que podría causar que el tráfico MACsec sea descifrado o modificado por otros usuarios autorizados en el dispositivo (string)

}

]

id : CVE-2021-28509 (string)

lastModified : 2024-11-21T05:59:48.463 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : LOW (string)

cvssData : { »

accessComplexity : HIGH (string)

accessVector : NETWORK (string)

authentication : SINGLE (string)

availabilityImpact : NONE (string)

baseScore : 3.6 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:H/Au:S/C:P/I:P/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 4.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 6.1 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : HIGH (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 0.9 (number)

impactScore : 5.2 (number)

source : psirt@arista.com (string)

type : Secondary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 6.1 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : HIGH (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 0.9 (number)

impactScore : 5.2 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2022-05-26T20:15:08.500 (string)

references : [ »

0 : { »

source : psirt@arista.com (string)

tags : [ »

0 : Exploit (string)

1 : Vendor Advisory (string)

]

url : https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

1 : Vendor Advisory (string)

]

url : https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077 (string)

}

]

sourceIdentifier : psirt@arista.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-255 (string)

}

]

source : psirt@arista.com (string)

type : Secondary (string)

}

1 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-319 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity High

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity High

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object