CVE-2021-28506 - OpenCVE

An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Arista	Eos

Configuration 1 [-]

OR	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::

References

Link	Resource
https://www.arista.com/en/support/advisories-notices/security-advisories/13449-security-advisory-0071	Exploit Mitigation Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Arista

Published: 2022-01-11T00:00:00

Updated: 2022-01-14T19:04:50

Reserved: 2021-03-16T00:00:00

Link: CVE-2021-28506

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-01-14T20:15:10.327

Modified: 2022-07-14T18:47:40.203

Link: CVE-2021-28506

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "EOS", "vendor": "Arista Networks", "versions": [{"lessThanOrEqual": "4.26.0", "status": "affected", "version": "4.26.2F", "versionType": "custom"}, {"lessThanOrEqual": "4.25.5", "status": "affected", "version": "4.25.5.1M", "versionType": "custom"}, {"lessThanOrEqual": "4.25.4", "status": "affected", "version": "4.25.4M", "versionType": "custom"}, {"lessThanOrEqual": "4.25.0", "status": "affected", "version": "4.25.3", "versionType": "custom"}, {"lessThanOrEqual": "4.24.2F", "status": "affected", "version": "4.24.7M", "versionType": "custom"}]}], "datePublic": "2022-01-11T00:00:00", "descriptions": [{"lang": "en", "value": "An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-285", "description": "CWE-285 Improper Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-01-14T19:04:50", "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/13449-security-advisory-0071"}], "solutions": [{"lang": "en", "value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release. \nCVE-2021-28506 has been fixed in the following releases:\n4.26.3M and later releases in the 4.26.x train\n4.25.6M and later releases in the 4.25.x train\n4.25.4.1M and later releases in the 4.25.4.x train\n4.24.8M and later releases in the 4.24.x train"}], "source": {"advisory": "71", "defect": ["BUG", "606192"], "discovery": "EXTERNAL"}, "title": "An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device.", "workarounds": [{"lang": "en", "value": "No mitigation options available"}, {"lang": "en", "value": "To mitigate CVE-2021-28506 with the continued use of the affected agents, a hotfix employing a proxy service can be deployed. The proxy is configured behind the gNMI/gNOI or RESTCONF server. The hotfix can be downloaded at https://www.arista.com/en/support/advisories-notices/sa-download/?sa=71-SecurityAdvisory0071Hotfix.i386.swix for 32 bit systems and https://www.arista.com/en/support/advisories-notices/sa-download/?sa=71-SecurityAdvisory0071Hotfix.x86_64.swix for 64 bit systems."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@arista.com", "DATE_PUBLIC": "2022-01-11T22:22:00.000Z", "ID": "CVE-2021-28506", "STATE": "PUBLIC", "TITLE": "An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device."}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "EOS", "version": {"version_data": [{"version_affected": "<=", "version_name": "4.26.2F", "version_value": "4.26.0"}, {"version_affected": "<=", "version_name": "4.25.5.1M", "version_value": "4.25.5"}, {"version_affected": "<=", "version_name": "4.25.4M", "version_value": "4.25.4"}, {"version_affected": "<=", "version_name": "4.25.3", "version_value": "4.25.0"}, {"version_affected": "<=", "version_name": "4.24.7M", "version_value": "4.24.2F"}]}}]}, "vendor_name": "Arista Networks"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-285 Improper Authorization"}]}]}, "references": {"reference_data": [{"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/13449-security-advisory-0071", "refsource": "MISC", "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/13449-security-advisory-0071"}]}, "solution": [{"lang": "en", "value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release. \nCVE-2021-28506 has been fixed in the following releases:\n4.26.3M and later releases in the 4.26.x train\n4.25.6M and later releases in the 4.25.x train\n4.25.4.1M and later releases in the 4.25.4.x train\n4.24.8M and later releases in the 4.24.x train"}], "source": {"advisory": "71", "defect": ["BUG", "606192"], "discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "No mitigation options available"}, {"lang": "en", "value": "To mitigate CVE-2021-28506 with the continued use of the affected agents, a hotfix employing a proxy service can be deployed. The proxy is configured behind the gNMI/gNOI or RESTCONF server. The hotfix can be downloaded at https://www.arista.com/en/support/advisories-notices/sa-download/?sa=71-SecurityAdvisory0071Hotfix.i386.swix for 32 bit systems and https://www.arista.com/en/support/advisories-notices/sa-download/?sa=71-SecurityAdvisory0071Hotfix.x86_64.swix for 64 bit systems."}]}}}, "cveMetadata": {"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "assignerShortName": "Arista", "cveId": "CVE-2021-28506", "datePublished": "2022-01-11T00:00:00", "dateReserved": "2021-03-16T00:00:00", "dateUpdated": "2022-01-14T19:04:50", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "3753CA4E-E3ED-43AC-BD9B-0F41C274EE42", "versionEndIncluding": "4.24.7m", "versionStartIncluding": "4.24.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "2DCCC623-E1C2-4E97-B5B4-87B15F596334", "versionEndIncluding": "4.25.3", "versionStartIncluding": "4.25.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "A0144E14-840C-4B5C-9FDF-E090ECC33B9A", "versionEndIncluding": "4.25.4m", "versionStartIncluding": "4.25.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D8887C7-7FE8-4CBC-BEE9-1F202E626A0C", "versionEndIncluding": "4.25.5.1m", "versionStartIncluding": "4.25.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "361E664D-9F0D-478D-A2F6-F8001F464B0A", "versionEndIncluding": "4.26.2f", "versionStartIncluding": "4.26.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device."}, {"lang": "es", "value": "Se ha detectado recientemente un problema en Arista EOS donde determinadas API de gNOI omiten incorrectamente la autorizaci\u00f3n y la autenticaci\u00f3n, lo que podr\u00eda permitir un restablecimiento de f\u00e1brica del dispositivo"}], "id": "CVE-2021-28506", "lastModified": "2022-07-14T18:47:40.203", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.4, "confidentialityImpact": "NONE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 9.2, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "psirt@arista.com", "type": "Secondary"}]}, "published": "2022-01-14T20:15:10.327", "references": [{"source": "psirt@arista.com", "tags": ["Exploit", "Mitigation", "Patch", "Vendor Advisory"], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/13449-security-advisory-0071"}], "sourceIdentifier": "psirt@arista.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}, {"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-285"}], "source": "psirt@arista.com", "type": "Secondary"}]}