CVE-2023-6068Unverified Ownership in Multiaccess

CWE-283Unverified Ownership3 documents3 sources
Severity
3.1LOWNVD
EPSS
0.1%
top 66.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Arista MultiaccessArista Networks MOS
Timeline
PublishedMar 4

Description

On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL’s may result in incorrect operation of the configured ACL for a port resulting in some packets that should be denied being permitted and some

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 1.6 | Impact: 1.4

Affected Packages2 packages

NVDarista/multiaccess1.6.01.7.0+1
CVEListV5arista_networks/mos1.6, 1.7.1+1

🔴Vulnerability Details

2
CVEList
On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL’s may result in incorrect operation of the configured ACL for a port resulting in som2024-03-04
GHSA
GHSA-2qwg-cqpg-9qrr: On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL’s may result in incorrect operation2024-03-04
CVE-2023-6068 — Unverified Ownership in Multiaccess | cvebase