Vulnerabilities > CVE-2021-28510 - Improper Validation of Specified Quantity in Input vulnerability in Arista EOS

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
arista
CWE-1284

Summary

For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.

Vulnerable Configurations

Part Description Count
OS
Arista
121
Hardware
Arista
76