CVE-2021-28511 : This advisory documents the impact of an internally found vulnerability in Arist

This advisory documents the impact of an internally found vulnerability in Arista EOS for security ACL bypass. The impact of this vulnerability is that the security ACL drop rule might be bypassed if a NAT ACL rule filter with permit action matches the packet flow. This could allow a host with an IP address in a range that matches the range allowed by a NAT ACL and a range denied by a Security ACL to be forwarded incorrectly as it should have been denied by the Security ACL. This can enable an ACL bypass.

Published 2022-08-05 17:15:08

Updated 2022-08-15 20:50:21

Source Arista Networks, Inc.

View at NVD, CVE.org

Vulnerability category: BypassGain privilege

Products affected by CVE-2021-28511

Arista » EOS
Versions from including (>=) 4.27.0 and up to, including, (<=) 4.27.3
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
Matching versions
When used together with: Arista » 7050cx3-32s » Version: N/A
When used together with: Arista » 7050cx3m-32s » Version: N/A
When used together with: Arista » 7050sx3-48c8 » Version: N/A
When used together with: Arista » 7050sx3-48yc » Version: N/A
When used together with: Arista » 7050sx3-48yc12 » Version: N/A
When used together with: Arista » 7050sx3-48yc8 » Version: N/A
When used together with: Arista » 7050sx3-96yc8 » Version: N/A
When used together with: Arista » 7050tx3-48c8 » Version: N/A
When used together with: Arista » 720xp-24y6 » Version: N/A
When used together with: Arista » 720xp-24zy4 » Version: N/A
When used together with: Arista » 720xp-48y6 » Version: N/A
When used together with: Arista » 720xp-48zc2 » Version: N/A
When used together with: Arista » 720xp-96zc2 » Version: N/A
When used together with: Arista » 7300x3-32c » Version: N/A
When used together with: Arista » 7300x3-48yc4 » Version: N/A
Arista » EOS
Versions from including (>=) 4.26.0 and up to, including, (<=) 4.26.5
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
Matching versions
When used together with: Arista » 7050cx3-32s » Version: N/A
When used together with: Arista » 7050cx3m-32s » Version: N/A
When used together with: Arista » 7050sx3-48c8 » Version: N/A
When used together with: Arista » 7050sx3-48yc » Version: N/A
When used together with: Arista » 7050sx3-48yc12 » Version: N/A
When used together with: Arista » 7050sx3-48yc8 » Version: N/A
When used together with: Arista » 7050sx3-96yc8 » Version: N/A
When used together with: Arista » 7050tx3-48c8 » Version: N/A
When used together with: Arista » 720xp-24y6 » Version: N/A
When used together with: Arista » 720xp-24zy4 » Version: N/A
When used together with: Arista » 720xp-48y6 » Version: N/A
When used together with: Arista » 720xp-48zc2 » Version: N/A
When used together with: Arista » 720xp-96zc2 » Version: N/A
When used together with: Arista » 7300x3-32c » Version: N/A
When used together with: Arista » 7300x3-48yc4 » Version: N/A
Arista » EOS
Versions up to, including, (<=) 4.24.9
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
Matching versions
When used together with: Arista » 7050cx3-32s » Version: N/A
When used together with: Arista » 7050cx3m-32s » Version: N/A
When used together with: Arista » 7050sx3-48c8 » Version: N/A
When used together with: Arista » 7050sx3-48yc » Version: N/A
When used together with: Arista » 7050sx3-48yc12 » Version: N/A
When used together with: Arista » 7050sx3-48yc8 » Version: N/A
When used together with: Arista » 7050sx3-96yc8 » Version: N/A
When used together with: Arista » 7050tx3-48c8 » Version: N/A
When used together with: Arista » 720xp-24y6 » Version: N/A
When used together with: Arista » 720xp-24zy4 » Version: N/A
When used together with: Arista » 720xp-48y6 » Version: N/A
When used together with: Arista » 720xp-48zc2 » Version: N/A
When used together with: Arista » 720xp-96zc2 » Version: N/A
When used together with: Arista » 7300x3-32c » Version: N/A
When used together with: Arista » 7300x3-48yc4 » Version: N/A
Arista » EOS
Versions from including (>=) 4.25.0 and up to, including, (<=) 4.25.8
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
Matching versions
When used together with: Arista » 7050cx3-32s » Version: N/A
When used together with: Arista » 7050cx3m-32s » Version: N/A
When used together with: Arista » 7050sx3-48c8 » Version: N/A
When used together with: Arista » 7050sx3-48yc » Version: N/A
When used together with: Arista » 7050sx3-48yc12 » Version: N/A
When used together with: Arista » 7050sx3-48yc8 » Version: N/A
When used together with: Arista » 7050sx3-96yc8 » Version: N/A
When used together with: Arista » 7050tx3-48c8 » Version: N/A
When used together with: Arista » 720xp-24y6 » Version: N/A
When used together with: Arista » 720xp-24zy4 » Version: N/A
When used together with: Arista » 720xp-48y6 » Version: N/A
When used together with: Arista » 720xp-48zc2 » Version: N/A
When used together with: Arista » 720xp-96zc2 » Version: N/A
When used together with: Arista » 7300x3-32c » Version: N/A
When used together with: Arista » 7300x3-48yc4 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2021-28511

EPSS FAQ

0.06%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 18 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-28511

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N	3.9	2.5	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: Low Availability: None
5.8	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N	3.9	1.4	Arista Networks, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Changed Confidentiality: None Integrity: Low Availability: None

CWE ids for CVE-2021-28511

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Assigned by: psirt@arista.com (Secondary)

References for CVE-2021-28511

https://www.arista.com/en/support/advisories-notices/security-advisory/15862-security-advisory-0078

Exploit;Mitigation;Vendor Advisory

Jump to

Vulnerability Details : CVE-2021-28511

Products affected by CVE-2021-28511

Exploit prediction scoring system (EPSS) score for CVE-2021-28511

CVSS scores for CVE-2021-28511

CWE ids for CVE-2021-28511

References for CVE-2021-28511