Unrated severityNVD Advisory· Published Feb 4, 2022· Updated Sep 16, 2024
In Arista's EOS software affected releases, eAPI might skip re-evaluating user credentials when certificate based authentication is used, which allows remote attackers to access the device via eAPI.
CVE-2021-28503
Description
The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user credentials when certificate based authentication is used, which allows remote attackers to access the device via eAPI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Arista Networks/Arista EOSv5Range: EOS-4.23
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.