CVE-2021-28494 Information
Jun 07, 2022
cve
Description
In Arista’s MOS (Metamako Operating System) software which is supported on the 7130 product line under certain conditions authentication is bypassed by unprivileged users who are accessing the Web UI. This issue affects: Arista Metamako Operating System MOS-0.34.0 and prior releases
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Reference
https://www.arista.com/en/support/advisories-notices/security-advisories/12916-security-advisory-68
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
8.8
Share on: