Known Vulnerabilities for Eos by Arista
Listed below are 10 of the newest known vulnerabilities associated with "Eos" by "Arista".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-28510 | For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Typ... | 7.5 - HIGH | 2023-01-26 | 2023-06-30 |
| CVE-2021-28509 | This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminA... | 6.1 - MEDIUM | 2022-05-26 | 2022-06-09 |
| CVE-2021-28508 | This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminA... | 6.1 - MEDIUM | 2022-05-26 | 2022-06-09 |
| CVE-2021-28507 | An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfi... | 7.1 - HIGH | 2022-01-14 | 2022-07-14 |
| CVE-2021-28506 | An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication... | 9.1 - CRITICAL | 2022-01-14 | 2022-07-14 |
| CVE-2021-28505 | On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2... | 7.5 - HIGH | 2022-04-14 | 2022-04-26 |
| CVE-2021-28504 | On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which ma... | 7.5 - HIGH | 2022-04-01 | 2022-04-12 |
| CVE-2021-28503 | The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user credentials when certificate based aut... | 9.8 - CRITICAL | 2022-02-04 | 2022-08-02 |
| CVE-2021-28500 | An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and Termin... | 7.8 - HIGH | 2022-01-14 | 2023-08-17 |
| CVE-2021-28496 | On systems running Arista EOS and CloudEOS with the affected release version, when using shared secret profiles the password ... | 6.5 - MEDIUM | 2021-10-21 | 2022-07-30 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Arista | Eos | 4.24.2f | All | All | All |
| Operating System | Arista | Eos | 4.24.0f | All | All | All |
| Operating System | Arista | Eos | 4.23.5m | All | All | All |
| Operating System | Arista | Eos | 4.23.2f | All | All | All |
| Operating System | Arista | Eos | 4.23.1f | All | All | All |
| Operating System | Arista | Eos | 4.23.0f | All | All | All |
| Operating System | Arista | Eos | 4.23 | All | All | All |
| Operating System | Arista | Eos | 4.22.7m | All | All | All |
| Operating System | Arista | Eos | 4.22.4m | All | All | All |
| Operating System | Arista | Eos | 4.22.3m | All | All | All |
| Operating System | Arista | Eos | 4.22 | All | All | All |
| Operating System | Arista | Eos | 4.21.9m | All | All | All |
| Operating System | Arista | Eos | 4.21.8m | All | All | All |
| Operating System | Arista | Eos | 4.21.8 | All | All | All |
| Operating System | Arista | Eos | 4.21.3 | All | All | All |
| Operating System | Arista | Eos | 4.21.2.4 | All | All | All |
| Operating System | Arista | Eos | 4.21.1f | All | All | All |
| Operating System | Arista | Eos | 4.21.12m | All | All | All |
| Operating System | Arista | Eos | 4.21.11m | All | All | All |
| Operating System | Arista | Eos | 4.21.0f | All | All | All |