How severe is CVE-2021-28506?

CVE-2021-28506 has a CVSS v3 score of 9.1 (CRITICAL).

CVE-2021-28506

Name: eos
Author: arista

9.1CRITICAL

An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device.

Опубликовано: 1/14/2022Обновлено: 11/21/2024

Описание

An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device.

ИИ-АнализНа базе ИИ

Затронутые продукты

aristaeos

Ссылки

https://www.arista.com/en/support/advisories-notices/security-advisories/13449-security-advisory-0071
ExploitMitigationPatchVendor Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/13449-security-advisory-0071
ExploitMitigationPatchVendor Advisory