Arista Security Advisories

  Date: September 27th, 2022 Revision Date Changes 1.0 September 27th 2022 Initial release   This security advisory addresses four CVEs: CVE-2021-27853 CVSSv3.1 Base Score: 4.7( CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N ) CWE: CWE-284 Improper Access Control Tracking Bug: BUG615000 CVE-2021-27854 CVSSv3.1 Base Score: 4.7( CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N ) CWE: CWE-284 Improper Access Control Tracking Bug: BUG682330 CVE-2021-27861 ...

  Date: July 26th, 2022 Revision Date Changes 1.0 July 26th 2022 Initial release   CVE-2022-2907 The CVE-ID tracking this issue: CVE-2022-29071 CVSSv3.1 Base Score: 4.0 (AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) Common Weakness Enumeration (CWE): CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor) The internal bug tracking this issue: BUG 695468   Description This advisory documents an internally found vulnerability in the on premises deployment ...

  Date: July 19th, 2022 Revision Date Changes 1.0 July 19th 2022 Initial release   The CVE-ID tracking this issue: CVE-2021-28511 CVSSv3.1 Base Score: 5.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N) Common Weakness Enumeration (CWE): CWE-284 Improper Access Control The internal bug tracking this issue: BUG 641088 Description This advisory documents the impact of an internally found vulnerability in Arista EOS for security ACL bypass. The impact of this vulnerabil ...

Arista Networks announces the upcoming end of sale for the DCS-7280QR-C36 models of the 7280QR Series. The products and part numbers covered by this announcement are listed below in Table 1. The last day to order the affected products is planned for 30 December 2022. Customers with active support contracts for DCS-7280QR-C36 Series products will continue to receive support from Arista TAC (Technical Assistance Center) as long as the systems remain covered under a support contract and the dat ...

Arista Networks announces the upcoming end of sale for the DCS-7280SR2A-48YC6 models of the 7280SR2 Series. The products and part numbers covered by this announcement are listed below in Table 1. The last day to order the affected products is planned for 30 December 2022. Customers with active support contracts for DCS-7280SR2A-48YC6 Series products will continue to receive support from Arista TAC (Technical Assistance Center) as long as the systems remain covered under a support contract an ...

Arista Networks announces the upcoming end of sale for the DCS-7280SR2-48YC6 models of the 7280SR2 Series. The products and part numbers covered by this announcement are listed below in Table 1. The last day to order the affected products is planned for 30 December 2022. Customers with active support contracts for DCS-7280SR2-48YC6 Series products will continue to receive support from Arista TAC (Technical Assistance Center) as long as the systems remain covered under a support contract and ...

Arista Networks announces the upcoming end of sale for the DCS-7280CR2M-30 models of the 7280R Series. The products and part numbers covered by this announcement are listed below in Table 1. The last day to order the affected products is planned for 30 December 2022. Customers with active support contracts for DCS-7280CR2M-30 Series products will continue to receive support from Arista TAC (Technical Assistance Center) as long as the systems remain covered under a support contract and the da ...

Arista Networks announces the upcoming end of sale for the DCS-7280CR2A-30, part of the 7280R Series. The products and part numbers covered by this announcement are listed below in Table 1. The last day to order the affected products is planned for 30 December 2022. Customers with active support contracts for DCS-7280CR2A-30 Series products will continue to receive support from Arista TAC (Technical Assistance Center) as long as the systems remain covered under a support contract and the date ...

Arista Networks announces the upcoming end of sale for the DCS-7280CR2K-30 models of the 7280R Series.  The products and part numbers covered by this announcement are listed below in Table 1. The last day to order the affected products is planned for 30 December 2022. Customers with active support contracts for DCS-7280CR2K-30 Series products will continue to receive support from Arista TAC (Technical Assistance Center) as long as the systems remain covered under a support contract and the da ...

Arista Networks announces the upcoming end of sale for the DCS-7280SR2K-48C6-M part of the 7280 Series. The products and part numbers covered by this announcement are listed below in Table 1. The last day to order the affected products is planned for December 30, 2022. Customers with active support contracts for DCS-7280SR2K-48C6-M Series products will continue to receive support from Arista TAC (Technical Assistance Center) as long as the systems remain covered under a support contract and t ...

Arista Networks announces the upcoming end of sale for the DCS-7280SRAM-48C6 models of the 7280 Series. The products and part numbers covered by this announcement are listed below in Table 1. The last day to order the affected products is planned for December 30, 2022. Customers with active support contracts for DCS-7280SRAM-48C6 Series products will continue to receive support from Arista TAC (Technical Assistance Center) as long as the systems remain covered under a support contract and the ...