This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Arista

Published: 2022-05-26T19:50:36.432905Z

Updated: 2024-09-16T20:32:30.399Z

Reserved: 2021-03-16T00:00:00

Link: CVE-2021-28509

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-05-26T20:15:08.500

Modified: 2024-11-21T05:59:48.463

Link: CVE-2021-28509

cve-icon Redhat

No data.