CVE-2021-28511

Name of the Vulnerable Software and Affected Versions Arista EOS (affected versions not specified)

Description The issue affects the security ACL bypass in Arista EOS. It occurs when a NAT ACL rule filter with permit action matches the packet flow, potentially bypassing the security ACL drop rule. This could allow a host with an IP address in a range that matches the range allowed by a NAT ACL and a range denied by a Security ACL to be forwarded incorrectly. The result is an ACL bypass. This issue was discovered internally, and there is no known malicious use in customer networks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.