The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user credentials when certificate based authentication is used, which allows remote attackers to access the device via eAPI.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Arista
Published: 2022-02-04T22:29:27.998573Z
Updated: 2024-09-16T23:06:02.607Z
Reserved: 2021-03-16T00:00:00
Link: CVE-2021-28503
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-02-04T23:15:11.350
Modified: 2024-11-21T05:59:47.697
Link: CVE-2021-28503
Redhat
No data.