U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2021-28508

Change History

Initial Analysis by NIST 6/09/2022 3:08:34 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions up to (excluding) 1.10.11
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions from (including) 1.11.0 up to (excluding) 1.16.8
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions from (including) 1.17.0 up to (excluding) 1.19.0
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.23 up to (including) 4.23.11
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.24 up to (excluding) 4.24.10
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.25 up to (excluding) 4.25.8
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.26 up to (excluding) 4.26.6
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.27 up to (excluding) 4.27.2
     OR
          cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:dcs-7050cx3-32s:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:dcs-7050cx3-32s-r:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:dcs-7050cx3m-32s:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:dcs-7050sx3-48c8:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:dcs-7050sx3-48yc12:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:dcs-7050sx3-48yc8:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:dcs-7050sx3-96yc8:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions up to (excluding) 1.10.11
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions from (including) 1.11.0 up to (excluding) 1.16.8
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions from (including) 1.17.0 up to (excluding) 1.19.0
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.23 up to (including) 4.23.11
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.24 up to (excluding) 4.24.10
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.25 up to (excluding) 4.25.8
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.26 up to (excluding) 4.26.6
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.27 up to (excluding) 4.27.2
     OR
          cpe:2.3:h:arista:7280cr2ak-30:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7280cr2k-60:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7280cr3k-32d4:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7280cr3k-32p4:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7280cr3k-96:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7280dr3k-24:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7280pr3k-24:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7280r2:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions up to (excluding) 1.10.11
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions from (including) 1.11.0 up to (excluding) 1.16.8
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions from (including) 1.17.0 up to (excluding) 1.19.0
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.23 up to (including) 4.23.11
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.24 up to (excluding) 4.24.10
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.25 up to (excluding) 4.25.8
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.26 up to (excluding) 4.26.6
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.27 up to (excluding) 4.27.2
     OR
          cpe:2.3:h:arista:7388x5:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions up to (excluding) 1.10.11
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions from (including) 1.11.0 up to (excluding) 1.16.8
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions from (including) 1.17.0 up to (excluding) 1.19.0
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.23 up to (including) 4.23.11
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.24 up to (excluding) 4.24.10
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.25 up to (excluding) 4.25.8
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.26 up to (excluding) 4.26.6
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.27 up to (excluding) 4.27.2
     OR
          cpe:2.3:h:arista:7500r2:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7500r3:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions up to (excluding) 1.10.11
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions from (including) 1.11.0 up to (excluding) 1.16.8
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions from (including) 1.17.0 up to (excluding) 1.19.0
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.23 up to (including) 4.23.11
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.24 up to (excluding) 4.24.10
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.25 up to (excluding) 4.25.8
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.26 up to (excluding) 4.26.6
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.27 up to (excluding) 4.27.2
     OR
          cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions up to (excluding) 1.10.11
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions from (including) 1.11.0 up to (excluding) 1.16.8
          *cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:* versions from (including) 1.17.0 up to (excluding) 1.19.0
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.23 up to (including) 4.23.11
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.24 up to (excluding) 4.24.10
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.25 up to (excluding) 4.25.8
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.26 up to (excluding) 4.26.6
          *cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* versions from (including) 4.27 up to (excluding) 4.27.2
     OR
          cpe:2.3:h:arista:ccs-722xpm-48y4:-:*:*:*:*:*:*:*
          cpe:2.3:h:arista:ccs-722xpm-48zy8:-:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
NIST (AV:N/AC:H/Au:S/C:P/I:P/A:N)
Added CVSS V2 Metadata

								
							
							
						
Victim must voluntarily interact with attack mechanism
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
Added CWE

								
							
							
						
NIST CWE-319
Changed Reference Type
https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077 No Types Assigned
https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077 Exploit, Vendor Advisory