ACLs on 7130 Series FPGA Platforms May Cause Incorrect Packet Permission
CVE-2023-6068

3.1LOW

Key Information:

Vendor: Arista Networks
Status: Mos
Vendor: CVE Published:; 4 March 2024

🔔 Create Arista Networks Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2023-6068?

On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL’s may result in incorrect operation of the configured ACL for a port resulting in some packets that should be denied being permitted and some

Affected Version(s)

MOS 1.7.1

MOS 1.6

References

https://www.arista.com/en/support/advisories-notices/secu...

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Jun 28, 2024
Vulnerability published
Mar 4, 2024
Vulnerability Reserved
Nov 9, 2023