Vulnerabilities > CVE-2021-28506 - Missing Authorization vulnerability in Arista EOS
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device.