On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.
2022-04-14T21:15:08.427
2024-11-21T05:59:47.940
Modified
CVSSv3.1: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:N/I:P/A:N
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | arista | eos | < 4.26.4m | Yes |
| Operating System | arista | eos | < 4.27.1f | Yes |
| Hardware | arista | ccs-710p-12 | - | No |
| Hardware | arista | ccs-710p-16p | - | No |
| Hardware | arista | ccs-720xp-24y6 | - | No |
| Hardware | arista | ccs-720xp-24zy4 | - | No |
| Hardware | arista | ccs-720xp-48y6 | - | No |
| Hardware | arista | ccs-720xp-48zc2 | - | No |
| Hardware | arista | ccs-720xp-96zc2 | - | No |
| Hardware | arista | ccs-722xpm-48y4 | - | No |
| Hardware | arista | ccs-722xpm-48zy8 | - | No |
| Hardware | arista | dcs-7010tx-48 | - | No |
| Hardware | arista | dcs-7050cx3-32s | - | No |
| Hardware | arista | dcs-7050cx3m-32s | - | No |
| Hardware | arista | dcs-7050sx3-48c8 | - | No |
| Hardware | arista | dcs-7050sx3-48yc12 | - | No |
| Hardware | arista | dcs-7050sx3-48yc8 | - | No |
| Hardware | arista | dcs-7050sx3-96yc8 | - | No |
| Hardware | arista | dcs-7050tx3-48c8 | - | No |