Home
MEDIUM: 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:NMEDIUM: 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NDefault status
unaffected
4.32.0 (custom)
affected
4.31.0 (custom)
affected
4.30.0 (custom)
affected
4.29.0 (custom)
affected
4.28.0 (custom)
affected
4.27.2F (custom) before 4.28.0
affected
Description
On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports. This can cause outgoing packets to incorrectly be allowed or denied.
Problem types
CWE-284 Improper Access Control
Product status
4.32.0 (custom)
4.31.0 (custom)
4.30.0 (custom)
4.29.0 (custom)
4.28.0 (custom)
4.27.2F (custom) before 4.28.0
References
www.arista.com/...rity-advisory/19908-security-advisory-0102