Cyber Resilience

CVE-2023-6068

LowPublic PoC

Published: 04 March 2024

Published
04 March 2024
Modified
18 December 2025
KEV Added
Patch
CVSS Score v3.1 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS Score 0.0014 33.4th percentile
Risk Priority 6 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-6068 is a low-severity Unverified Ownership (CWE-283) vulnerability in Arista Multiaccess. Its CVSS base score is 3.1 (Low).

Operationally, ranked at the 33.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

EU & UK References

Vulnerability details

On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL’s may result in incorrect operation of the configured ACL for a port resulting in some packets that should be denied being permitted…

more

and some

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

arista
multiaccess
1.7.1 · 1.6.0 — 1.7.0 · 1.6.0 — 1.7.0 · 1.6.0 — 1.7.0

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References