CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-28501

An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.0%

CVSS Severity

CVSS v3 Score 9.1

CVSS v2 Score 6.9

References

https://www.arista.com/en/support/advisories-notices/security-advisories/13449-security-advisory-0071
https://www.arista.com/en/support/advisories-notices/security-advisories/13449-security-advisory-0071

Products affected by CVE-2021-28501

Arista » Terminattr » Version: N/A

cpe:2.3:a:arista:terminattr:-
Arista » Terminattr » Version: 1.7.2

cpe:2.3:a:arista:terminattr:1.7.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-28501

Products

Pricing

Contact Us