Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

dcs-7010tx-48

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2023-24512
Assigner-Arista Networks, Inc.
ShareView Details
Assigner-Arista Networks, Inc.
CVSS Score-8.8||HIGH
EPSS-0.09% / 25.96%
||
7 Day CHG~0.00%
Published-25 Apr, 2023 | 00:00
Updated-03 Feb, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch.

On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the TerminAttr agent) is enabled and gNMI access is configured on the agent. Note: This gNMI over the Streaming Telemetry Agent scenario is mostly commonly used when streaming to a 3rd party system and is not used by default when streaming to CloudVision

Action-Not Available
Vendor-Arista Networks, Inc.
Product-7060sx2-48yc67280dr3-247050qx-32s720dt-24s7170b-64c7150s-647812r37020sr-24c2veos-lab7260qx7500r3-36cq7300x-64tceos-lab7060cx-32sdcs-7010tx-487020sr-32c27160-32cqdcs-7500e-6c2-lc7300x-64s7130-48g3sdcs-7500e-48s-lc7280dr3k-247250qx-647050sx3-48yc7130-16g3s7050sx3-48yc87358x47060dx4-32720xp-24y67280sr3k-48yc87300x3-32cdcs-7500e-72s-lc7260cx96lbs7150s-247320x-32c7280cr3-32d4720xp-24zy47260cx37170-64c7280cr3-32p47804r37050sx-72q7816r37280e7280pr3-247050cx3-32s7050sx2-72q48s6qdeos7150sc-247020tra-487050sx2-1287020tr-487130-96s7150s-52dcs-7500-12cq-lc7300x3-48yc47050sx-647170-32c720xp-48zc2720xp-96zc27050sx3-48yc12720xp-48y67500r3-24d7500r3-24p7160-48tc67300x-32q7170-32cd7050cx3m-32s720dt-48s7368x4720dp-24s7050sx-12848ehs32qd720df-48y720dp-48s7010t-487050tx-647260sx2dcs-7500e-12cm-lc7050tx3-48c87280cr3-967050tx-72q7280pr3k-247060px4-3248lbas7150sc-64dcs-7500r-36q-lccloudeos7280cr3k-967060cx2-32s7280cr2k-60dcs-7500r-48s2cq-lc48lbs7388x57050tx-487050qx2-32s7500r3k-36cq7808r37160-48yc67050tx2-128dcs-7500e-36q-lc7050sx3-96yc87280cr3k-32p47280cr3k-32d47050sx3-48c87280sr3-48yc8dcs-7500r-36cq-lcTerminattr
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-28505
Assigner-Arista Networks, Inc.
ShareView Details
Assigner-Arista Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.20% / 42.60%
||
7 Day CHG~0.00%
Published-14 Apr, 2022 | 20:05
Updated-16 Sep, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.

On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.

Action-Not Available
Vendor-Arista Networks, Inc.
Product-ccs-720xp-24zy4dcs-7050sx3-96yc8ccs-710p-12ccs-720xp-48y6dcs-7050cx3m-32sccs-722xpm-48zy8dcs-7050tx3-48c8ccs-720xp-24y6ccs-722xpm-48y4ccs-720xp-48zc2dcs-7010tx-48dcs-7050cx3-32sdcs-7050sx3-48yc12dcs-7050sx3-48yc8ccs-710p-16pdcs-7050sx3-48c8eosccs-720xp-96zc2EOS
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-28504
Assigner-Arista Networks, Inc.
ShareView Details
Assigner-Arista Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.33%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 22:17
Updated-03 Aug, 2024 | 21:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules ( rules declared after it in ACL ) do not match on IP protocol fi ...

On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules ( rules declared after it in ACL ) do not match on IP protocol field as expected.

Action-Not Available
Vendor-Arista Networks, Inc.
Product-ccs-720xp-24zy4dcs-7050sx3-96yc8ccs-710p-12ccs-720xp-48y6dcs-7050cx3m-32sccs-722xpm-48zy8dcs-7050tx3-48c8ccs-720xp-24y6ccs-722xpm-48y4ccs-720xp-48zc2dcs-7010tx-48dcs-7050cx3-32sdcs-7050sx3-48yc12dcs-7050sx3-48yc8ccs-710p-16pdcs-7050sx3-48c8eosccs-720xp-96zc2EOS
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-863
Incorrect Authorization