FKIE_CVE-2023-6068

Vulnerability from fkie_nvd - Published: 2024-03-04 20:15 - Updated: 2024-11-21 08:43
Severity ?
3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
Summary
On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL’s may result in incorrect operation of the configured ACL for a port resulting in some packets that should be denied being permitted and some
References
psirt@arista.comhttps://www.arista.com/en/support/advisories-notices/security-advisory/19023-security-advisory-0091
af854a3a-2127-422b-91ae-364da2661108https://www.arista.com/en/support/advisories-notices/security-advisory/19023-security-advisory-0091
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL\u2019s may result in incorrect operation of the configured ACL for a port resulting in some packets that should be denied being permitted and some"
    },
    {
      "lang": "es",
      "value": "En las plataformas FPGA de la serie 7130 afectadas que ejecutan MOS y versiones recientes de FPGA MultiAccess, la aplicaci\u00f3n de ACL puede provocar un funcionamiento incorrecto de la ACL configurada para un puerto, lo que da como resultado que se permitan algunos paquetes que deber\u00edan negarse y algunos"
    }
  ],
  "id": "CVE-2023-6068",
  "lastModified": "2024-11-21T08:43:04.790",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 3.1,
          "baseSeverity": "LOW",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 1.4,
        "source": "psirt@arista.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-03-04T20:15:50.267",
  "references": [
    {
      "source": "psirt@arista.com",
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19023-security-advisory-0091"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19023-security-advisory-0091"
    }
  ],
  "sourceIdentifier": "psirt@arista.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-283"
        }
      ],
      "source": "psirt@arista.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.