CVE-2021-28510

For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.

CVSS v3.0 7.5 HIGH

7.5^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076	Exploit Mitigation Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::

OR	cpe:2.3:h:arista:7020r:-:::::::*
	cpe:2.3:h:arista:7050cx3-32s:-:::::::*
	cpe:2.3:h:arista:7050cx3m-32s:-:::::::*
	cpe:2.3:h:arista:7050qx-32s:-:::::::*
	cpe:2.3:h:arista:7050qx2-32s:-:::::::*
	cpe:2.3:h:arista:7050sx-128:-:::::::*
	cpe:2.3:h:arista:7050sx-64:-:::::::*
	cpe:2.3:h:arista:7050sx-72q:-:::::::*
	cpe:2.3:h:arista:7050sx2-128:-:::::::*
	cpe:2.3:h:arista:7050sx2-72q:-:::::::*
	cpe:2.3:h:arista:7050sx3-48c8:-:::::::*
	cpe:2.3:h:arista:7050sx3-48yc:-:::::::*
	cpe:2.3:h:arista:7050sx3-48yc12:-:::::::*
	cpe:2.3:h:arista:7050sx3-48yc8:-:::::::*
	cpe:2.3:h:arista:7050sx3-96yc8:-:::::::*
	cpe:2.3:h:arista:7050tx-48:-:::::::*
	cpe:2.3:h:arista:7050tx-64:-:::::::*
	cpe:2.3:h:arista:7050tx-72q:-:::::::*
	cpe:2.3:h:arista:7050tx2-128:-:::::::*
	cpe:2.3:h:arista:7050tx3-48c8:-:::::::*
	cpe:2.3:h:arista:7060cx-32s:-:::::::*
	cpe:2.3:h:arista:7060cx2-32s:-:::::::*
	cpe:2.3:h:arista:7060dx4-32:-:::::::*
	cpe:2.3:h:arista:7060px4-32:-:::::::*
	cpe:2.3:h:arista:7060sx2-48yc6:-:::::::*
	cpe:2.3:h:arista:7150s-24:-:::::::*
	cpe:2.3:h:arista:7150s-52:-:::::::*
	cpe:2.3:h:arista:7150s-64:-:::::::*
	cpe:2.3:h:arista:7150sc-24:-:::::::*
	cpe:2.3:h:arista:7150sc-64:-:::::::*
	cpe:2.3:h:arista:7170-32c:-:::::::*
	cpe:2.3:h:arista:7170-32cd:-:::::::*
	cpe:2.3:h:arista:7170-64c:-:::::::*
	cpe:2.3:h:arista:720xp-24y6:-:::::::*
	cpe:2.3:h:arista:720xp-24zy4:-:::::::*
	cpe:2.3:h:arista:720xp-48y6:-:::::::*
	cpe:2.3:h:arista:720xp-48zc2:-:::::::*
	cpe:2.3:h:arista:720xp-96zc2:-:::::::*
	cpe:2.3:h:arista:7250qx-64:-:::::::*
	cpe:2.3:h:arista:7260cx:-:::::::*
	cpe:2.3:h:arista:7260cx3:-:::::::*
	cpe:2.3:h:arista:7260cx3-64:-:::::::*
	cpe:2.3:h:arista:7260qx:-:::::::*
	cpe:2.3:h:arista:7280e:-:::::::*
	cpe:2.3:h:arista:7280r:-:::::::*
	cpe:2.3:h:arista:7280r2:-:::::::*
	cpe:2.3:h:arista:7280r3:-:::::::*
	cpe:2.3:h:arista:7280sr3-48yc8:-:::::::*
	cpe:2.3:h:arista:7280sr3k-48yc8:-:::::::*
	cpe:2.3:h:arista:7300x-32q:-:::::::*
	cpe:2.3:h:arista:7300x-64s:-:::::::*
	cpe:2.3:h:arista:7300x-64t:-:::::::*
	cpe:2.3:h:arista:7300x3-32c:-:::::::*
	cpe:2.3:h:arista:7300x3-48yc4:-:::::::*
	cpe:2.3:h:arista:7304x3:-:::::::*
	cpe:2.3:h:arista:7308x3:-:::::::*
	cpe:2.3:h:arista:7320x-32c:-:::::::*
	cpe:2.3:h:arista:7324x:-:::::::*
	cpe:2.3:h:arista:7328x:-:::::::*
	cpe:2.3:h:arista:7368x4:-:::::::*
	cpe:2.3:h:arista:7500e:-:::::::*
	cpe:2.3:h:arista:7500r:-:::::::*
	cpe:2.3:h:arista:7500r2:-:::::::*
	cpe:2.3:h:arista:7500r3:-:::::::*
cpe:2.3:h:arista:7500r3-24d:-:::::::*
cpe:2.3:h:arista:7500r3-24p:-:::::::*
cpe:2.3:h:arista:7500r3-36cq:-:::::::*
cpe:2.3:h:arista:7500r3k-36cq:-:::::::*
cpe:2.3:h:arista:7504r3:-:::::::*
cpe:2.3:h:arista:7508r3:-:::::::*
cpe:2.3:h:arista:7512r3:-:::::::*
cpe:2.3:h:arista:7800r3-36p:-:::::::*
cpe:2.3:h:arista:7800r3-48cq:-:::::::*
cpe:2.3:h:arista:7800r3k-48cq:-:::::::*
cpe:2.3:h:arista:7804r3:-:::::::*
cpe:2.3:h:arista:7808r3:-:::::::*

Information

Published : 2023-01-26 13:15

Updated : 2023-02-03 11:50

NVD link : CVE-2021-28510

Mitre link : CVE-2021-28510

JSON object : View

CWE

CWE-400

Uncontrolled Resource Consumption

Products Affected

arista

7060cx-32s
7050qx-32s
7050cx3-32s
7050sx3-48yc8
7150s-24
7280r2
7050sx-72q
7060dx4-32
7304x3
7260cx
720xp-48zc2
7050sx2-128
7050sx2-72q
7060sx2-48yc6
7170-64c
7280r3
720xp-96zc2
7500r3-24p
720xp-24zy4
7050cx3m-32s
7512r3
7800r3k-48cq
720xp-24y6
7050sx3-48c8
7050sx3-96yc8
7808r3
7050tx-72q
7260cx3
720xp-48y6
7500r3k-36cq
7328x
7050sx3-48yc12
7500e
7508r3
7800r3-48cq
7500r3
7300x3-32c
7060px4-32
7804r3
7300x-32q
7050qx2-32s
7050tx2-128
7050tx-64
7170-32c
7300x-64t
7050tx3-48c8
7280sr3-48yc8
7260qx
7280sr3k-48yc8
7368x4
7280r
7050sx-128
7500r
7800r3-36p
7504r3
7308x3
7324x
7150sc-64
7150s-52
7050sx-64
7300x-64s
7500r3-36cq
7150sc-24
7170-32cd
7320x-32c
7060cx2-32s
eos
7150s-64
7300x3-48yc4
7500r2
7050tx-48
7260cx3-64
7250qx-64
7280e
7500r3-24d
7050sx3-48yc
7020r

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076", "name": "https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-400"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-28510", "ASSIGNER": "psirt@arista.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}}, "publishedDate": "2023-01-26T21:15Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.23.10"}, {"cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.24.8", "versionStartIncluding": "4.24.0"}, {"cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.25.6", "versionStartIncluding": "4.25.0"}, {"cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.26.4", "versionStartIncluding": "4.26.0"}, {"cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "4.27.1", "versionStartIncluding": "4.27.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:arista:7020r:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050qx-32s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050qx2-32s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx-128:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx-64:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx-72q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx2-128:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx2-72q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050tx-48:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050tx-64:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050tx-72q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050tx2-128:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7060cx-32s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7060cx2-32s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7060dx4-32:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7060px4-32:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7060sx2-48yc6:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7150s-24:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7150s-52:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7150s-64:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7150sc-24:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7150sc-64:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7170-32c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7170-32cd:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7170-64c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:720xp-24y6:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:720xp-24zy4:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:720xp-48y6:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:720xp-48zc2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:720xp-96zc2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7250qx-64:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7260cx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7260cx3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7260cx3-64:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7260qx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7280e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7280r:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7280r2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7300x-32q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7300x-64s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7300x-64t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7300x3-32c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7300x3-48yc4:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7304x3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7308x3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7320x-32c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7324x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7328x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7368x4:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7500e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7500r:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7500r2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7500r3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7504r3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7508r3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7512r3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7804r3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-02-03T19:50Z"}

7.5 /10