CVE-2021-28503 : Security Advisory and Response

Learn about CVE-2021-28503 affecting Arista's EOS software. Explore the impact, technical details, and mitigation strategies for this authentication bypass vulnerability.

A vulnerability has been identified in Arista's EOS software that allows remote attackers to gain access to the device through EOS eAPI when certificate-based authentication is in use.

Understanding CVE-2021-28503

This section provides an overview of the vulnerability, its impact, technical details, and mitigation strategies.

What is CVE-2021-28503?

When certificate-based authentication is used, Arista's EOS eAPI may skip the re-evaluation of user credentials, so a request that should have been rejected is accepted and unauthorized access via eAPI becomes possible.

The Impact of CVE-2021-28503

The severity of this vulnerability is rated HIGH: because credential re-evaluation is bypassed, an attacker can gain access to the device through eAPI.

Technical Details of CVE-2021-28503

This section delves into the specific technical aspects of the vulnerability.

Vulnerability Description

Arista's EOS eAPI may skip user credential re-evaluation, which allows a remote attacker to access the device and compromises its security.

Affected Systems and Versions

The affected releases fall in the EOS-4.23 through EOS-4.26 version trains; within each train, only specific subversions are vulnerable (see the fixed releases listed under Patching and Updates).

Exploitation Mechanism

The vulnerability is reachable remotely: in certificate-based authentication scenarios, eAPI omits the re-evaluation of user credentials, and an attacker can take advantage of that omission to access the device.

Mitigation and Prevention

This section outlines the steps that can be taken to mitigate the risk posed by CVE-2021-28503.

Immediate Steps to Take

As an interim workaround until the software can be upgraded, disable user certificate authentication for eAPI; this removes the authentication path in which credential re-evaluation is skipped.

Long-Term Security Practices

Keep EOS software current by upgrading to the remediated releases as they become available; staying on a fixed release within your version train is the durable fix for this issue.

Patching and Updates

The recommended fix is to upgrade to a remediated EOS release: 4.26.3, 4.25.6, 4.24.8, or 4.23.10, or any later release in the same version train.
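To turn the fixed-release list above into a triage check, the following script (an added example, not Arista's tooling or code from this advisory) parses EOS version strings and reports, per device, whether the running release is below the fix for its train. It assumes EOS version strings have the form MAJOR.MINOR.PATCH with an optional trailing release-type letter such as F or M that does not affect ordering; the hostnames and versions in the sample inventory are constructed.

```python
import re

# Fixed releases per version train, as listed in the advisory for CVE-2021-28503.
# Trains outside 4.23 to 4.26 are not covered by the advisory and are reported as out of scope.
FIXED_BY_TRAIN = {
    (4, 23): (4, 23, 10),
    (4, 24): (4, 24, 8),
    (4, 25): (4, 25, 6),
    (4, 26): (4, 26, 3),
}

# Assumption: an EOS version looks like "4.25.4M"; the letter suffix is ignored for ordering.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)([A-Za-z]*)$")


def parse_eos_version(version: str) -> tuple:
    """Parse an EOS version string such as '4.25.4M' into (major, minor, patch)."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised EOS version string: {version!r}")
    major, minor, patch, _suffix = m.groups()
    return (int(major), int(minor), int(patch))


def assess(version: str) -> str:
    """Return 'vulnerable', 'fixed' or 'out-of-scope' for CVE-2021-28503.

    A release is 'fixed' when it is at or above the remediated release of its
    own train; releases in trains the advisory does not list are out of scope.
    """
    major, minor, patch = parse_eos_version(version)
    fixed = FIXED_BY_TRAIN.get((major, minor))
    if fixed is None:
        return "out-of-scope"
    return "fixed" if (major, minor, patch) >= fixed else "vulnerable"


def triage(inventory) -> dict:
    """Map each (hostname, version) pair to its status for the advisory."""
    return {host: assess(ver) for host, ver in inventory}


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are not real devices.
    SAMPLE_INVENTORY = [
        ("leaf-01", "4.25.4M"),
        ("leaf-02", "4.26.3F"),
        ("spine-01", "4.23.9M"),
        ("spine-02", "4.27.0F"),
    ]
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Devices reported as vulnerable should be scheduled for upgrade; until then, the interim workaround of disabling user certificate authentication for eAPI applies to them. Out-of-scope results only mean the train is not named in this advisory, not that the release has been assessed as safe.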
