All the vulnerabilites related to arista - 48lbas
Vulnerability from fkie_nvd
Published
2023-04-25 21:15
Modified
2024-11-21 07:48
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the TerminAttr agent) is enabled and gNMI access is configured on the agent. Note: This gNMI over the Streaming Telemetry Agent scenario is mostly commonly used when streaming to a 3rd party system and is not used by default when streaming to CloudVision
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@arista.com | https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086 | Exploit, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086 | Exploit, Mitigation, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "341CA00E-8BDE-4BF9-90D4-7B07FC484D18",
"versionEndExcluding": "4.26.10m",
"versionStartIncluding": "4.26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00A7CEC1-C298-4AEE-A079-550167C2AA3A",
"versionEndExcluding": "4.27.9m",
"versionStartIncluding": "4.27.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32D876FE-C639-4870-A412-0239EA0155D0",
"versionEndExcluding": "4.28.6m",
"versionStartIncluding": "4.28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24621B26-04A1-4693-BCB4-437544C08B50",
"versionEndExcluding": "4.29.2f",
"versionStartIncluding": "4.29.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:32qd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4184EB8C-5972-413F-A6CD-B1365D242B41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:48ehs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FED3033F-6AFD-462B-BED4-032D84D41068",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:48lbas:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDFE460-5163-4A86-BFDE-7F0FA8EC96D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:48lbs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C680AE5-0810-4A0C-9234-405F2A879F87",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:48s6qd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A296BD-4449-447C-AF27-F6C033C686D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7010t-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CCF6152-815E-4B3C-AE4B-CA598BEBD020",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7020sr-24c2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7781CB15-3452-47D9-A961-8B09F2E9AEC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7020sr-32c2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09A31FB8-512E-43EF-8F87-E02E35F5251E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7020tr-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBFF922-28D7-42D6-8796-91AD9A178D28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7020tra-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561B4042-DFD3-4BC0-9C5F-74799A7E92C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FF0290-C671-4ABC-8A12-05E4D55FC4AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "828C6E4F-814A-4060-8F5E-7FF359C8739C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050qx-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "253D74DE-97F5-40F3-B179-D2D4442C57FD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050qx2-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75E03F9E-522F-4D9B-9267-09E2550B5465",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "895A7AFD-BE76-47F5-B67B-6279046E4274",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74E258EC-EA50-4185-AA35-5D963C359E74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1482D4FC-60B9-4C89-B892-71AA3E1031F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx2-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C99D84E9-2229-459E-AE90-49C2EF670884",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx2-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D922C725-1139-4DD4-92FC-9FF15E35CE62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE35C17F-0C60-4A40-9949-D4C5D94D1D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07BA078E-30B7-4E2C-B240-BF64E98143E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFD0706-CACB-40FA-A41B-46B39C6E1D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5951D243-CB68-4B41-A913-D879CE502795",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73156612-D338-4E20-8C82-0E65DAA72331",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78E7CDCC-ADC6-4854-BFC4-72DA47C5F10B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B03678D-AD7B-4B1A-8E6A-1811DD8B1483",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E803639C-13A1-48CA-A589-C83654AE454F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx2-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A495D282-D3DC-4D18-AB72-2358834C238E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "388C57D8-4B3C-4E5D-84AA-0CB7506F825A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060cx-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D518C8D5-A86B-46E5-A646-8939BFA2E116",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060cx2-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1608297-7079-4F3B-857E-708B74E944D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060dx4-32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "806A01C5-231D-4F9D-A292-E9DD706A0C66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060px4-32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC10746F-8FC0-49EF-BB9C-EC49B734DFA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060sx2-48yc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26582E98-B710-46D7-B8F2-9286E0592FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7130-16g3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFA321D-F4A5-434C-BB39-D2B2687001D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7130-48g3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BE67B8-F326-48B7-AB82-04FE8C2E37E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7130-96s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3264E086-4E90-41D0-8583-8FCF3CE4885D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150s-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93D74C0B-E470-4D45-98E2-775DE43997DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150s-52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2CAA23-003C-43E6-87CE-61E4369C2D30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150s-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7445075-D130-472C-B259-6BACE678541D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150sc-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3FA52A-3A67-4515-9790-598860102893",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150sc-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6336F166-FAD3-4846-84B9-45F5FAA3D437",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7160-32cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7620401C-FB14-46F1-979B-B21194F90945",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7160-48tc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DFC236-44B3-4EEF-8937-4F86EE99EB45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7160-48yc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "823E5569-C918-40E6-A2C5-7C415E4ADEF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8EFEEA5-0FC4-4FFC-BF5D-BDBAA1B55C70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170-32cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2959C68-8731-4F37-B9E7-61E5936D3D8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170-64c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FB3395-8D13-4477-A46E-37A88272CFAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170b-64c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EE3572E-A724-4057-8776-7A95528DCEE7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720df-48y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8FCDB83-38D5-4F02-97E2-BBEF891DCDD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720dp-24s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80EAF795-EB62-4A86-A0FC-A09008E631A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720dp-48s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA03BA0B-BB2D-41CF-BA2E-B21604D6FBC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720dt-24s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE185FD-0D4D-4862-B513-BC68BF3F9F7E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720dt-48s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46C2150F-2FD6-452F-8C56-7413E3EB8FDC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-24y6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFDBCBB-2C1A-4B88-AE28-EF63D5B9EDD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-24zy4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58757129-BF9C-4BD8-B692-BB57023F8A48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-48y6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2756BB4B-1053-4EAC-AC0B-785FD5039D5F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-48zc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D36540-7723-4284-A207-6BD27728CA25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-96zc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF95CB28-E010-4A1D-A746-F9DDF015868F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7250qx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DD95B3B-D655-42DC-85C2-2C6FDBCC77F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260cx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E40D14DE-BAFB-461F-9AA7-E3EDC2D8D468",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260cx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "901E5B76-0EB7-4EAD-A281-15B9F78041AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260qx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE1DE992-9BFA-4794-82F4-66F464BB384E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260sx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58296832-AA93-4EAE-96BD-28EC368F8391",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr2k-60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F569286-C19F-48CB-AB24-89C4A1EB6F81",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FEC18B3-7980-4EBF-8E15-F8E92DADD062",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87E85F7C-F33B-49C1-A526-ACC1BEF3B65C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E54F451-CA87-4F32-A088-AE18123CE07A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3k-32d4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16CB1780-6DEC-4140-A771-9139C77A8A88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3k-32p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11DE9CB6-4453-4EED-B7FC-6374F9225B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3k-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A98C94CB-7DFC-4CAC-9D98-B3E80BF1EE56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85D9E9FF-564E-4B16-8070-33A366F48FE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3k-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56AF4A54-7568-4FE0-BE5F-02BD9FADDCE5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6466FE3-DCE8-4DA5-B893-2BA864F73BC5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F14163D2-B236-4C78-9DB4-97DE6D996EBC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280pr3k-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4057906A-B27B-4B53-97F6-3F5F35794990",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8143579F-AD53-4D74-AE3E-4D465DCD7A57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79AB0F1D-ACCA-490C-96F2-FC23A8611CB8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x-32q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF8A65D-6FBC-4C38-8B45-418E6C5EB16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x-64s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F088D51-24F4-49AD-8397-73D1EAF45F56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x-64t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69BA5C6D-40C0-4AA3-AC10-D7F097D8EDD9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x3-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0040BDDF-D711-4619-9E96-96EFBD33CAA0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x3-48yc4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AA716D-CAD1-4689-8A26-977A2E5F869E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7320x-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD08CBF-6F42-4F98-B413-F65C5613BE6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7358x4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBC38094-A539-425D-A2B6-770FAF0FC3C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7368x4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "161DB0D9-9BAC-4546-88D3-5547F4B6149C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7388x5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B66E706E-56FB-4A49-BD90-76A8CB6BE391",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1BB565-2668-4242-8A00-5CC9C30B9AC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F1A605-8836-4A64-AC5E-ADAB34F8F104",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8A047A-9FD9-4AE1-9E47-457A46BAE3A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019B0670-389B-4A4E-8C72-52202E3AA8EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7804r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A54F3D32-5A07-4791-90BF-96BD8A24C2F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F078B04-2DA0-4A4B-BB1A-408DC14CB61F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7812r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B99200-EC76-404E-9900-5D1DC3B9A758",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7816r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A172A49-1A0E-464B-BDDD-A8F52856D595",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:96lbs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBAE5B17-52F9-4FDD-BD65-AA0C1ADB4806",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7010tx-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CB43CD4-C96F-483C-B743-3D81C9A65EDF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7500-12cq-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCCC3EC2-D68C-49E5-8E72-35F16853CA04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7500e-12cm-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30D363C8-7D75-4EA7-B5BC-566C1C9ECE96",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7500e-36q-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0CD14C-E2C8-4EEC-AAD9-E2428E8610DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7500e-48s-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ACD40F1C-32AA-42DF-9378-724CD949127B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7500e-6c2-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DB63C0B-D27A-4CB4-B379-570C0DC8B958",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7500e-72s-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2468E734-5CA3-4293-A806-358FE659AEA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7500r-36cq-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52C4EAF7-6FD7-477A-B4BE-DE5920BF7BBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7500r-36q-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA8BEE5-9EDC-4BAC-AB7C-4F9E6680388B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7500r-48s2cq-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB68705B-A8A5-49AB-AC53-02B311900F7D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:ceos-lab:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2260519E-FB90-4924-95E7-1FCC34C4B38B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:cloudeos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "362F2E0F-3D40-444F-87F3-21CA70B1AD04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:veos-lab:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04B29E15-3CFB-45EC-B252-8F02CC1E589C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the TerminAttr agent) is enabled and gNMI access is configured on the agent. Note: This gNMI over the Streaming Telemetry Agent scenario is mostly commonly used when streaming to a 3rd party system and is not used by default when streaming to CloudVision"
}
],
"id": "CVE-2023-24512",
"lastModified": "2024-11-21T07:48:01.437",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-25T21:15:10.190",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2023-24512
Vulnerability from cvelistv5
Published
2023-04-25 00:00
Modified
2024-08-02 10:56
Severity ?
EPSS score ?
Summary
On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the TerminAttr agent) is enabled and gNMI access is configured on the agent. Note: This gNMI over the Streaming Telemetry Agent scenario is mostly commonly used when streaming to a 3rd party system and is not used by default when streaming to CloudVision
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Arista Networks | Terminattr |
Version: 1.23.0 Version: unspecified < Version: 1.24.0 < Version: 1.22.0 < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:04.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Terminattr",
"vendor": "Arista Networks",
"versions": [
{
"status": "affected",
"version": "1.23.0"
},
{
"lessThanOrEqual": "1.19.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.24.3",
"status": "affected",
"version": "1.24.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.22.1",
"status": "affected",
"version": "1.22.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "In order to be vulnerable to CVE-2023-24512 the following conditions must be all be met:\n\nA vulnerable version of the Streaming Telemetry Agent must be installed on the switch. The version can be verified with the following commands:\n#show version detail | grep TerminAttr-core\nTerminAttr-core v1.13.3 1\n\nIn the above example, TerminAttr 1.13.3 is installed.\n\nThe agent must be running on the switch. This can be verified as follows on the switch:\nswitch# show daemon TerminAttr\nProcess: TerminAttr (running with PID 2430)\n\n\nThe Streaming Telemetry Agent must be configured to allow external connections using gRPC. This can be verified by the presence of the -grpcaddr option:\nswitch# daemon TerminAttr\n show active\ndaemon TerminAttr\n exec /usr/bin/TerminAttr -grpcaddr=... \u003cother options...\u003e"
}
],
"datePublic": "2023-04-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the TerminAttr agent) is enabled and gNMI access is configured on the agent. Note: This gNMI over the Streaming Telemetry Agent scenario is mostly commonly used when streaming to a 3rd party system and is not used by default when streaming to CloudVision"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-25T00:00:00",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086"
}
],
"solutions": [
{
"lang": "en",
"value": "While the steps listed above resolve the issue, the recommended long term solution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below.\n\nThere are two possible solutions:\n\nUpgrade the Streaming Telemetry Agent \nCustomers can upgrade the Streaming Telemetry Agent to a fixed version, following the directions in https://arista.my.site.com/AristaCommunity/s/article/terminattr-upgrade-downgrade. Fixes are available in the following supported release trains:\nTerminAttr 1.25.0 and later Terminattr versions\nUsers of 1.24.X and 1.23.X TerminAttr releases should upgrade to TerminAttr 1.25.0 or later.\nTerminAttr 1.22.2 and later version in the TerminAttr 1.22.X train\nTerminAttr 1.19.6 and later versions in the TerminAttr 1.19.X train\n"
},
{
"lang": "en",
"value": "Upgrade EOS\nCustomers can upgrade to a version of EOS which contains a fixed version of the Streaming Telemetry Agent within the EOS image, as documented in https://www.arista.com/en/um-eos/eos-upgradedowngrade-overview:\nEOS 4.29.2F and later releases, which contains TerminAttr 1.25.0 or a more recent version\nEOS 4.28.6M and later releases in the 4.28.X train, which contains TerminAttr 1.22.2 or a more recent version\nEOS 4.27.9M and later releases in the 4.27.X train, which contains TerminAttr 1.19.6 or a more recent version\nEOS 4.26.10M and later releases in the 4.26.X train, which contains TerminAttr 1.19.6 or a more recent version\n"
}
],
"source": {
"advisory": "86",
"defect": [
"751697"
],
"discovery": "INTERNAL"
},
"title": "On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. ",
"workarounds": [
{
"lang": "en",
"value": "The streaming telemetry agent can be configured in gRPC read-only mode by specifying -grpcreadonly as part of its configuration. For instance as follows:\n\nswitch# daemon TerminAttr\n exec /usr/bin/TerminAttr -grpcreadonly -grpcaddr=... \u003cother options...\u003e\n no shutdown\n\n\nIf TerminAttr is running, it must be restarted for the configuration to take effect. This can be done as follows:\n\nswitch# daemon TerminAttr\n shutdown\n wait-for-warmup\n no shutdown"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2023-24512",
"datePublished": "2023-04-25T00:00:00",
"dateReserved": "2023-01-24T00:00:00",
"dateUpdated": "2024-08-02T10:56:04.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}