On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules ( rules declared after it in ACL ) do not match on IP protocol field as expected.
2022-04-01T23:15:09.380
2024-11-21T05:59:47.823
Modified
CVSSv3.1: 7.5 (HIGH)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | arista | eos | < 4.26.4m | Yes |
| Operating System | arista | eos | < 4.27.1f | Yes |
| Hardware | arista | ccs-710p-12 | - | No |
| Hardware | arista | ccs-710p-16p | - | No |
| Hardware | arista | ccs-720xp-24y6 | - | No |
| Hardware | arista | ccs-720xp-24zy4 | - | No |
| Hardware | arista | ccs-720xp-48y6 | - | No |
| Hardware | arista | ccs-720xp-48zc2 | - | No |
| Hardware | arista | ccs-720xp-96zc2 | - | No |
| Hardware | arista | ccs-722xpm-48y4 | - | No |
| Hardware | arista | ccs-722xpm-48zy8 | - | No |
| Hardware | arista | dcs-7010tx-48 | - | No |
| Hardware | arista | dcs-7050cx3-32s | - | No |
| Hardware | arista | dcs-7050cx3m-32s | - | No |
| Hardware | arista | dcs-7050sx3-48c8 | - | No |
| Hardware | arista | dcs-7050sx3-48yc12 | - | No |
| Hardware | arista | dcs-7050sx3-48yc8 | - | No |
| Hardware | arista | dcs-7050sx3-96yc8 | - | No |
| Hardware | arista | dcs-7050tx3-48c8 | - | No |