Learn about CVE-2021-28503 affecting Arista's EOS software. Explore the impact, technical details, and mitigation strategies for this authentication bypass vulnerability.
A vulnerability has been identified in Arista's EOS software that allows remote attackers to access the device via EOS eAPI when using certificate-based authentication.
Understanding CVE-2021-28503
This section provides an overview of the vulnerability, its impact, technical details, and mitigation strategies.
What is CVE-2021-28503?
In affected releases of Arista's EOS software, eAPI may skip the re-evaluation of a user's credentials when certificate-based authentication is used, which can allow unauthorized access to the device via eAPI.
The Impact of CVE-2021-28503
The impact is rated HIGH: because credential re-evaluation is bypassed, an attacker can gain access to the device through eAPI.
Technical Details of CVE-2021-28503
This section delves into the specific technical aspects of the vulnerability.
Vulnerability Description
Arista's EOS eAPI may skip user credential re-evaluation, which a remote attacker can use to gain access to the device.
Affected Systems and Versions
The affected versions lie in the EOS-4.23 through EOS-4.26 version trains; specific releases within those trains are affected (the fixed releases are listed under Patching and Updates).
Exploitation Mechanism
A remote attacker can exploit this vulnerability because, when certificate-based authentication is in use, eAPI omits the re-evaluation of user credentials.
Mitigation and Prevention
This section outlines the steps that can be taken to mitigate the risk posed by CVE-2021-28503.
Immediate Steps to Take
Disabling user certificate authentication via eAPI is an interim mitigation until a fixed release can be installed.
Long-Term Security Practices
Keeping EOS updated to the remediated releases as part of regular maintenance is essential for a sound security posture.
Patching and Updates
The recommended fix is to upgrade to a fixed EOS release: 4.26.3, 4.25.6, 4.24.8, or 4.23.10, or a later release in the respective version train.
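A version-triage helper, added here as an example (it is not Arista's code or tooling), that maps an inventory of EOS version strings onto the affected trains and fixed releases stated above so the hosts still needing an upgrade fall out as a list. The version-string format, the sample hostnames, and the rule that every pre-fix release in an affected train counts as affected are assumptions.

```python
import re
from typing import Dict, List, Optional, Tuple

# Fixed releases per affected version train, as listed in the advisory.
FIXED_BY_TRAIN: Dict[Tuple[int, int], Tuple[int, int, int]] = {
    (4, 23): (4, 23, 10), (4, 24): (4, 24, 8),
    (4, 25): (4, 25, 6), (4, 26): (4, 26, 3),
}
# Assumption: versions look like "4.24.7M"; the trailing letter is a release-type
# tag that is ignored for ordering, and a missing patch number counts as 0.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?[A-Za-z]*$")

def parse_eos_version(version: str) -> Optional[Tuple[int, int, int]]:
    """Parse an EOS version string into (major, minor, patch); None if unparseable."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        return None
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)

def classify(version: str) -> str:
    """Return "affected", "fixed", "not listed" (train not named by the advisory)
    or "unknown" (unparseable). Assumption: every release in an affected train
    older than its fix is treated as affected, the conservative reading."""
    v = parse_eos_version(version)
    if v is None:
        return "unknown"
    fixed = FIXED_BY_TRAIN.get(v[:2])
    if fixed is None:
        return "not listed"
    return "affected" if v < fixed else "fixed"

def triage(inventory: List[Tuple[str, str]]) -> Dict[str, List[str]]:
    """Group hostnames by status so the "affected" list can drive upgrade work."""
    groups: Dict[str, List[str]] = {}
    for host, version in inventory:
        groups.setdefault(classify(version), []).append(host)
    return groups

# Constructed sample inventory; hostnames and versions are invented for the example.
SAMPLE_INVENTORY = [
    ("spine-1", "4.24.7M"), ("spine-2", "4.24.8M"), ("leaf-1", "4.23.9M"),
    ("leaf-2", "4.26.3F"), ("leaf-3", "4.27.0F"), ("mgmt-1", "4.22.1M"),
    ("lab-1", "n/a"),
]

if __name__ == "__main__":
    for status, hosts in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{status:>10}: {', '.join(hosts)}")
```

Hosts reported as "not listed" are outside the trains the advisory names, which is not the same as confirmed unaffected; check them against the vendor's advisory separately.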