Arista: >> Ccs-720xp-48y6 Security Vulnerabilities
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-04-14
On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules ( rules declared after it in ACL ) do not match on IP protocol field as expected.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-04-01