All the vulnerabilites related to arista - 7500r2
Vulnerability from fkie_nvd
Published
2023-04-12 21:15
Modified
2024-11-21 07:48
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process. This may result in the snmpd processing being terminated (causing SNMP requests to time out until snmpd is automatically restarted) and potential memory resource exhaustion for other processes on the switch. The vulnerability does not have any confidentiality or integrity impacts to the system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@arista.com | https://www.arista.com/en/support/advisories-notices/security-advisory/17239-security-advisory-0084 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.arista.com/en/support/advisories-notices/security-advisory/17239-security-advisory-0084 | Exploit, Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "341CA00E-8BDE-4BF9-90D4-7B07FC484D18",
"versionEndExcluding": "4.26.10m",
"versionStartIncluding": "4.26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00A7CEC1-C298-4AEE-A079-550167C2AA3A",
"versionEndExcluding": "4.27.9m",
"versionStartIncluding": "4.27.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32D876FE-C639-4870-A412-0239EA0155D0",
"versionEndExcluding": "4.28.6m",
"versionStartIncluding": "4.28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24621B26-04A1-4693-BCB4-437544C08B50",
"versionEndExcluding": "4.29.2f",
"versionStartIncluding": "4.29.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:ceos-lab:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFB5B5B-42EE-413E-9EA6-0A9C9DF4EA87",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:arista:cloudeos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "362F2E0F-3D40-444F-87F3-21CA70B1AD04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:arista:veos-lab:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04B29E15-3CFB-45EC-B252-8F02CC1E589C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7010t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC3D5B4-3B6F-4F15-9CAA-B0D08B53FFC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7010t-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CCF6152-815E-4B3C-AE4B-CA598BEBD020",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7010tx-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E00C871-8EB3-4241-95F3-83A524A79FB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7010tx-48-dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CC52FD-29BE-4037-9A7C-264ACF9F6C0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7020sr-24c2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7781CB15-3452-47D9-A961-8B09F2E9AEC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7020sr-32c2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09A31FB8-512E-43EF-8F87-E02E35F5251E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7020tr-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBFF922-28D7-42D6-8796-91AD9A178D28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7020tra-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561B4042-DFD3-4BC0-9C5F-74799A7E92C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FF0290-C671-4ABC-8A12-05E4D55FC4AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "828C6E4F-814A-4060-8F5E-7FF359C8739C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050qx-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "253D74DE-97F5-40F3-B179-D2D4442C57FD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050qx2-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75E03F9E-522F-4D9B-9267-09E2550B5465",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "895A7AFD-BE76-47F5-B67B-6279046E4274",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74E258EC-EA50-4185-AA35-5D963C359E74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1482D4FC-60B9-4C89-B892-71AA3E1031F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx2-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C99D84E9-2229-459E-AE90-49C2EF670884",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx2-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D922C725-1139-4DD4-92FC-9FF15E35CE62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE35C17F-0C60-4A40-9949-D4C5D94D1D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07BA078E-30B7-4E2C-B240-BF64E98143E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFD0706-CACB-40FA-A41B-46B39C6E1D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5951D243-CB68-4B41-A913-D879CE502795",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73156612-D338-4E20-8C82-0E65DAA72331",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78E7CDCC-ADC6-4854-BFC4-72DA47C5F10B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B03678D-AD7B-4B1A-8E6A-1811DD8B1483",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E803639C-13A1-48CA-A589-C83654AE454F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx2-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A495D282-D3DC-4D18-AB72-2358834C238E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "388C57D8-4B3C-4E5D-84AA-0CB7506F825A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060cx-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D518C8D5-A86B-46E5-A646-8939BFA2E116",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060cx2-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1608297-7079-4F3B-857E-708B74E944D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060dx4-32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "806A01C5-231D-4F9D-A292-E9DD706A0C66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060px4-32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC10746F-8FC0-49EF-BB9C-EC49B734DFA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060sx2-48yc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26582E98-B710-46D7-B8F2-9286E0592FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150s-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93D74C0B-E470-4D45-98E2-775DE43997DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150s-52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2CAA23-003C-43E6-87CE-61E4369C2D30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150s-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7445075-D130-472C-B259-6BACE678541D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150sc-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3FA52A-3A67-4515-9790-598860102893",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150sc-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6336F166-FAD3-4846-84B9-45F5FAA3D437",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7160-32cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7620401C-FB14-46F1-979B-B21194F90945",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7160-48tc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DFC236-44B3-4EEF-8937-4F86EE99EB45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7160-48yc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "823E5569-C918-40E6-A2C5-7C415E4ADEF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8EFEEA5-0FC4-4FFC-BF5D-BDBAA1B55C70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170-32cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2959C68-8731-4F37-B9E7-61E5936D3D8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170-64c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FB3395-8D13-4477-A46E-37A88272CFAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170b-64c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EE3572E-A724-4057-8776-7A95528DCEE7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720df-48y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8FCDB83-38D5-4F02-97E2-BBEF891DCDD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720dp-24s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80EAF795-EB62-4A86-A0FC-A09008E631A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720dp-48s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA03BA0B-BB2D-41CF-BA2E-B21604D6FBC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720dt-24s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE185FD-0D4D-4862-B513-BC68BF3F9F7E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720dt-48s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46C2150F-2FD6-452F-8C56-7413E3EB8FDC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720dt-48y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44A568A1-BA88-458E-B69A-0A2A6C594728",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-24y6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFDBCBB-2C1A-4B88-AE28-EF63D5B9EDD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-24zy4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58757129-BF9C-4BD8-B692-BB57023F8A48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-48y6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2756BB4B-1053-4EAC-AC0B-785FD5039D5F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-48zc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D36540-7723-4284-A207-6BD27728CA25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-96zc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF95CB28-E010-4A1D-A746-F9DDF015868F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:722xpm-48y4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15876058-5E5D-4C87-83A3-592ADCA0AA6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:722xpm-48zy8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "426308A9-D534-4465-865C-39BC70548B00",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7250qx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DD95B3B-D655-42DC-85C2-2C6FDBCC77F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260cx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E40D14DE-BAFB-461F-9AA7-E3EDC2D8D468",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260cx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "901E5B76-0EB7-4EAD-A281-15B9F78041AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260cx3-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49BAE58E-F4B5-4C8F-9EEB-5A0F38A96F0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260qx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE1DE992-9BFA-4794-82F4-66F464BB384E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260qx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83A3811A-EB0E-464B-86E7-0E369935A507",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr2ak-30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99506386-8D68-46F4-AEA9-4C16C16545B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr2k-60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F569286-C19F-48CB-AB24-89C4A1EB6F81",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FEC18B3-7980-4EBF-8E15-F8E92DADD062",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87E85F7C-F33B-49C1-A526-ACC1BEF3B65C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E54F451-CA87-4F32-A088-AE18123CE07A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3k-32d4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16CB1780-6DEC-4140-A771-9139C77A8A88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3k-32p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11DE9CB6-4453-4EED-B7FC-6374F9225B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3k-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A98C94CB-7DFC-4CAC-9D98-B3E80BF1EE56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85D9E9FF-564E-4B16-8070-33A366F48FE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3k-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56AF4A54-7568-4FE0-BE5F-02BD9FADDCE5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6466FE3-DCE8-4DA5-B893-2BA864F73BC5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F14163D2-B236-4C78-9DB4-97DE6D996EBC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280pr3k-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4057906A-B27B-4B53-97F6-3F5F35794990",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C02B50F5-B316-4081-BC9E-6F1778049096",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21CB1AAF-FC82-4A80-9932-42E8EFA3906A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60FC964C-9835-443A-A584-3A5D6022E914",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8143579F-AD53-4D74-AE3E-4D465DCD7A57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79AB0F1D-ACCA-490C-96F2-FC23A8611CB8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x-32q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF8A65D-6FBC-4C38-8B45-418E6C5EB16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x-64s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F088D51-24F4-49AD-8397-73D1EAF45F56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x-64t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69BA5C6D-40C0-4AA3-AC10-D7F097D8EDD9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x3-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0040BDDF-D711-4619-9E96-96EFBD33CAA0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x3-48yc4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AA716D-CAD1-4689-8A26-977A2E5F869E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7304:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E61BC28B-B998-4F6A-AD70-4FF7F2E3C826",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7308:-:*:*:*:*:*:*:*",
"matchCriteriaId": "377CFAA4-5A1A-4D42-87EF-DC57EE02388B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7316:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D65E57B-F0BA-44C5-9D2A-447961AB8220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7320x-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD08CBF-6F42-4F98-B413-F65C5613BE6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7368x4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "161DB0D9-9BAC-4546-88D3-5547F4B6149C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7388x5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B66E706E-56FB-4A49-BD90-76A8CB6BE391",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06C61DCC-D1CF-4CE5-9634-4BE3E071E83E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC651584-113E-4859-9F14-12D62F3BD626",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "583725F6-8583-425C-A847-700DBB9169E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6A4B3C-FF12-4DCD-9945-8450AD0BDEED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1BB565-2668-4242-8A00-5CC9C30B9AC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F1A605-8836-4A64-AC5E-ADAB34F8F104",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8A047A-9FD9-4AE1-9E47-457A46BAE3A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019B0670-389B-4A4E-8C72-52202E3AA8EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D19E86BF-AA91-4262-8EF9-B7FC48C6F3F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58443CDE-33D8-4460-A861-CDC07431AA22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64BE8C68-FE98-4162-A3D3-54494D5444F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:ccs-750x-48thp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2368ADC-9CC5-488C-99D9-CB46AAFB5BA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:ccs-750x-48tp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49CE500B-C593-45EC-9C8D-7016D83684AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:ccs-750x-48zp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB062249-2B0D-4F07-9854-6C20DF5D8BB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:ccs-750x-48zxp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2A1160-2E90-4B36-AEB0-74B7FB71D204",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process. This may result in the snmpd processing being terminated (causing SNMP requests to time out until snmpd is automatically restarted) and potential memory resource exhaustion for other processes on the switch. The vulnerability does not have any confidentiality or integrity impacts to the system."
}
],
"id": "CVE-2023-24511",
"lastModified": "2024-11-21T07:48:01.287",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-12T21:15:16.707",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17239-security-advisory-0084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17239-security-advisory-0084"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-26 21:15
Modified
2024-11-21 05:59
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@arista.com | https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076 | Exploit, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076 | Exploit, Mitigation, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1978B5F4-4405-4E7C-B0A9-45FF6FBBC1DA",
"versionEndExcluding": "4.23.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59C68E33-DDB0-473A-BCEA-0769924F3F8D",
"versionEndExcluding": "4.24.8",
"versionStartIncluding": "4.24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F3649E5-79A3-4A34-8EB8-31B8F40753F2",
"versionEndExcluding": "4.25.6",
"versionStartIncluding": "4.25.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFC4A4F-A4A6-4C0A-A144-9635F5DBC972",
"versionEndExcluding": "4.26.4",
"versionStartIncluding": "4.26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60DB1F59-64F8-4EC0-8C56-2AB5E2316CEA",
"versionEndExcluding": "4.27.1",
"versionStartIncluding": "4.27.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7020r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3371EEF-9D7A-4EF6-A435-A0F1034E5EE7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FF0290-C671-4ABC-8A12-05E4D55FC4AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "828C6E4F-814A-4060-8F5E-7FF359C8739C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050qx-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "253D74DE-97F5-40F3-B179-D2D4442C57FD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050qx2-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75E03F9E-522F-4D9B-9267-09E2550B5465",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "895A7AFD-BE76-47F5-B67B-6279046E4274",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74E258EC-EA50-4185-AA35-5D963C359E74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1482D4FC-60B9-4C89-B892-71AA3E1031F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx2-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C99D84E9-2229-459E-AE90-49C2EF670884",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx2-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D922C725-1139-4DD4-92FC-9FF15E35CE62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE35C17F-0C60-4A40-9949-D4C5D94D1D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07BA078E-30B7-4E2C-B240-BF64E98143E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFD0706-CACB-40FA-A41B-46B39C6E1D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5951D243-CB68-4B41-A913-D879CE502795",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73156612-D338-4E20-8C82-0E65DAA72331",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78E7CDCC-ADC6-4854-BFC4-72DA47C5F10B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B03678D-AD7B-4B1A-8E6A-1811DD8B1483",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E803639C-13A1-48CA-A589-C83654AE454F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx2-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A495D282-D3DC-4D18-AB72-2358834C238E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "388C57D8-4B3C-4E5D-84AA-0CB7506F825A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060cx-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D518C8D5-A86B-46E5-A646-8939BFA2E116",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060cx2-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1608297-7079-4F3B-857E-708B74E944D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060dx4-32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "806A01C5-231D-4F9D-A292-E9DD706A0C66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060px4-32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC10746F-8FC0-49EF-BB9C-EC49B734DFA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060sx2-48yc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26582E98-B710-46D7-B8F2-9286E0592FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150s-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93D74C0B-E470-4D45-98E2-775DE43997DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150s-52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2CAA23-003C-43E6-87CE-61E4369C2D30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150s-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7445075-D130-472C-B259-6BACE678541D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150sc-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3FA52A-3A67-4515-9790-598860102893",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150sc-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6336F166-FAD3-4846-84B9-45F5FAA3D437",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8EFEEA5-0FC4-4FFC-BF5D-BDBAA1B55C70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170-32cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2959C68-8731-4F37-B9E7-61E5936D3D8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170-64c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FB3395-8D13-4477-A46E-37A88272CFAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-24y6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFDBCBB-2C1A-4B88-AE28-EF63D5B9EDD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-24zy4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58757129-BF9C-4BD8-B692-BB57023F8A48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-48y6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2756BB4B-1053-4EAC-AC0B-785FD5039D5F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-48zc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D36540-7723-4284-A207-6BD27728CA25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-96zc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF95CB28-E010-4A1D-A746-F9DDF015868F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7250qx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DD95B3B-D655-42DC-85C2-2C6FDBCC77F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260cx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E40D14DE-BAFB-461F-9AA7-E3EDC2D8D468",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260cx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "901E5B76-0EB7-4EAD-A281-15B9F78041AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260cx3-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49BAE58E-F4B5-4C8F-9EEB-5A0F38A96F0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260qx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE1DE992-9BFA-4794-82F4-66F464BB384E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6466FE3-DCE8-4DA5-B893-2BA864F73BC5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C02B50F5-B316-4081-BC9E-6F1778049096",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21CB1AAF-FC82-4A80-9932-42E8EFA3906A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60FC964C-9835-443A-A584-3A5D6022E914",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8143579F-AD53-4D74-AE3E-4D465DCD7A57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79AB0F1D-ACCA-490C-96F2-FC23A8611CB8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x-32q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF8A65D-6FBC-4C38-8B45-418E6C5EB16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x-64s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F088D51-24F4-49AD-8397-73D1EAF45F56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x-64t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69BA5C6D-40C0-4AA3-AC10-D7F097D8EDD9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x3-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0040BDDF-D711-4619-9E96-96EFBD33CAA0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x3-48yc4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AA716D-CAD1-4689-8A26-977A2E5F869E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7304x3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78FE473B-CA6E-4E8D-8DBF-676B1ECBB185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7308x3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F1EF943-154C-4B5B-B803-E186FEA8C5A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7320x-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD08CBF-6F42-4F98-B413-F65C5613BE6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7324x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8862F74-E399-41EE-A081-62D99A7C1755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7328x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F16261D-639F-4CAB-BDA6-EF3F277E663C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7368x4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "161DB0D9-9BAC-4546-88D3-5547F4B6149C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06C61DCC-D1CF-4CE5-9634-4BE3E071E83E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC651584-113E-4859-9F14-12D62F3BD626",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "583725F6-8583-425C-A847-700DBB9169E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6A4B3C-FF12-4DCD-9945-8450AD0BDEED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1BB565-2668-4242-8A00-5CC9C30B9AC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F1A605-8836-4A64-AC5E-ADAB34F8F104",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8A047A-9FD9-4AE1-9E47-457A46BAE3A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019B0670-389B-4A4E-8C72-52202E3AA8EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7504r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8387CCEA-F00C-4F1F-B966-ACF8B16F1D22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7508r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55AE2A1C-A4FD-423B-A77E-2E24C2310A6A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7512r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B0D708-B426-4CA1-BE87-08BD14B7EACE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D19E86BF-AA91-4262-8EF9-B7FC48C6F3F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58443CDE-33D8-4460-A861-CDC07431AA22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64BE8C68-FE98-4162-A3D3-54494D5444F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7804r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A54F3D32-5A07-4791-90BF-96BD8A24C2F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F078B04-2DA0-4A4B-BB1A-408DC14CB61F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable."
},
{
"lang": "es",
"value": "Para ciertos sistemas que ejecutan EOS, un paquete de protocolo de tiempo de precisi\u00f3n (PTP) de un mensaje de administraci\u00f3n/se\u00f1alizaci\u00f3n con un valor de tipo, longitud y valor (TLV) no v\u00e1lido hace que el agente PTP se reinicie. Los reinicios repetidos del servicio har\u00e1n que el servicio no est\u00e9 disponible."
}
],
"id": "CVE-2021-28510",
"lastModified": "2024-11-21T05:59:48.603",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-26T21:15:22.147",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-26 20:15
Modified
2024-11-21 05:59
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
Summary
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to other authorized users, which could cause IPsec traffic to be decrypted or modified by other authorized users on the device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5",
"versionEndExcluding": "1.10.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7",
"versionEndExcluding": "1.16.8",
"versionStartIncluding": "1.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47F31557-7A87-4769-8DDB-6F8CFCEC97E9",
"versionEndExcluding": "1.19.0",
"versionStartIncluding": "1.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2",
"versionEndIncluding": "4.23.11",
"versionStartIncluding": "4.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389",
"versionEndExcluding": "4.24.10",
"versionStartIncluding": "4.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51",
"versionEndExcluding": "4.25.8",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243",
"versionEndExcluding": "4.26.6",
"versionStartIncluding": "4.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "468664F6-B038-4443-86B2-CC82C3D0A2EB",
"versionEndExcluding": "4.27.2",
"versionStartIncluding": "4.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:ccs-722xpm-48y4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "074CBF00-1D2C-4388-874A-62453B1D4564",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:ccs-722xpm-48zy8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D15C1D00-5F35-4F67-8075-D84D3BD9CE73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5",
"versionEndExcluding": "1.10.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7",
"versionEndExcluding": "1.16.8",
"versionStartIncluding": "1.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47F31557-7A87-4769-8DDB-6F8CFCEC97E9",
"versionEndExcluding": "1.19.0",
"versionStartIncluding": "1.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2",
"versionEndIncluding": "4.23.11",
"versionStartIncluding": "4.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389",
"versionEndExcluding": "4.24.10",
"versionStartIncluding": "4.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51",
"versionEndExcluding": "4.25.8",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243",
"versionEndExcluding": "4.26.6",
"versionStartIncluding": "4.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "468664F6-B038-4443-86B2-CC82C3D0A2EB",
"versionEndExcluding": "4.27.2",
"versionStartIncluding": "4.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FF0290-C671-4ABC-8A12-05E4D55FC4AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "828C6E4F-814A-4060-8F5E-7FF359C8739C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE35C17F-0C60-4A40-9949-D4C5D94D1D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07BA078E-30B7-4E2C-B240-BF64E98143E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFD0706-CACB-40FA-A41B-46B39C6E1D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5951D243-CB68-4B41-A913-D879CE502795",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73156612-D338-4E20-8C82-0E65DAA72331",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "388C57D8-4B3C-4E5D-84AA-0CB7506F825A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7050cx3-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C133EA-753A-4770-AEF8-11AC8E901F1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7050cx3-32s-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F270D9-1B05-4CBC-BEE0-0850C94BB9F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7050cx3m-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D11D6B9-1E68-4A65-A9CD-8DD299EC6B25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7050sx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B7A876-587F-4C51-BE49-C82F6508C536",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7050sx3-48yc12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEB629B5-7E62-4972-A288-EF76FFA3E441",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7050sx3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33079D44-2255-4682-A4BC-4B071D8EDCFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7050sx3-96yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69F1C5CA-19D7-4F40-93EB-97F44DCD5DCB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5",
"versionEndExcluding": "1.10.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7",
"versionEndExcluding": "1.16.8",
"versionStartIncluding": "1.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47F31557-7A87-4769-8DDB-6F8CFCEC97E9",
"versionEndExcluding": "1.19.0",
"versionStartIncluding": "1.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2",
"versionEndIncluding": "4.23.11",
"versionStartIncluding": "4.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389",
"versionEndExcluding": "4.24.10",
"versionStartIncluding": "4.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51",
"versionEndExcluding": "4.25.8",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243",
"versionEndExcluding": "4.26.6",
"versionStartIncluding": "4.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "468664F6-B038-4443-86B2-CC82C3D0A2EB",
"versionEndExcluding": "4.27.2",
"versionStartIncluding": "4.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7280cr2ak-30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99506386-8D68-46F4-AEA9-4C16C16545B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr2k-60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F569286-C19F-48CB-AB24-89C4A1EB6F81",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FEC18B3-7980-4EBF-8E15-F8E92DADD062",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87E85F7C-F33B-49C1-A526-ACC1BEF3B65C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E54F451-CA87-4F32-A088-AE18123CE07A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3k-32d4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16CB1780-6DEC-4140-A771-9139C77A8A88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3k-32p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11DE9CB6-4453-4EED-B7FC-6374F9225B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3k-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A98C94CB-7DFC-4CAC-9D98-B3E80BF1EE56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85D9E9FF-564E-4B16-8070-33A366F48FE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3k-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56AF4A54-7568-4FE0-BE5F-02BD9FADDCE5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F14163D2-B236-4C78-9DB4-97DE6D996EBC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280pr3k-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4057906A-B27B-4B53-97F6-3F5F35794990",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21CB1AAF-FC82-4A80-9932-42E8EFA3906A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60FC964C-9835-443A-A584-3A5D6022E914",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8143579F-AD53-4D74-AE3E-4D465DCD7A57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79AB0F1D-ACCA-490C-96F2-FC23A8611CB8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5",
"versionEndExcluding": "1.10.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7",
"versionEndExcluding": "1.16.8",
"versionStartIncluding": "1.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47F31557-7A87-4769-8DDB-6F8CFCEC97E9",
"versionEndExcluding": "1.19.0",
"versionStartIncluding": "1.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2",
"versionEndIncluding": "4.23.11",
"versionStartIncluding": "4.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389",
"versionEndExcluding": "4.24.10",
"versionStartIncluding": "4.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51",
"versionEndExcluding": "4.25.8",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243",
"versionEndExcluding": "4.26.6",
"versionStartIncluding": "4.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "468664F6-B038-4443-86B2-CC82C3D0A2EB",
"versionEndExcluding": "4.27.2",
"versionStartIncluding": "4.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7500r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "583725F6-8583-425C-A847-700DBB9169E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6A4B3C-FF12-4DCD-9945-8450AD0BDEED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1BB565-2668-4242-8A00-5CC9C30B9AC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F1A605-8836-4A64-AC5E-ADAB34F8F104",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8A047A-9FD9-4AE1-9E47-457A46BAE3A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019B0670-389B-4A4E-8C72-52202E3AA8EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5",
"versionEndExcluding": "1.10.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7",
"versionEndExcluding": "1.16.8",
"versionStartIncluding": "1.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47F31557-7A87-4769-8DDB-6F8CFCEC97E9",
"versionEndExcluding": "1.19.0",
"versionStartIncluding": "1.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2",
"versionEndIncluding": "4.23.11",
"versionStartIncluding": "4.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389",
"versionEndExcluding": "4.24.10",
"versionStartIncluding": "4.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51",
"versionEndExcluding": "4.25.8",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243",
"versionEndExcluding": "4.26.6",
"versionStartIncluding": "4.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "468664F6-B038-4443-86B2-CC82C3D0A2EB",
"versionEndExcluding": "4.27.2",
"versionStartIncluding": "4.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D19E86BF-AA91-4262-8EF9-B7FC48C6F3F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58443CDE-33D8-4460-A861-CDC07431AA22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64BE8C68-FE98-4162-A3D3-54494D5444F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5",
"versionEndExcluding": "1.10.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7",
"versionEndExcluding": "1.16.8",
"versionStartIncluding": "1.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47F31557-7A87-4769-8DDB-6F8CFCEC97E9",
"versionEndExcluding": "1.19.0",
"versionStartIncluding": "1.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2",
"versionEndIncluding": "4.23.11",
"versionStartIncluding": "4.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389",
"versionEndExcluding": "4.24.10",
"versionStartIncluding": "4.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51",
"versionEndExcluding": "4.25.8",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243",
"versionEndExcluding": "4.26.6",
"versionStartIncluding": "4.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "468664F6-B038-4443-86B2-CC82C3D0A2EB",
"versionEndExcluding": "4.27.2",
"versionStartIncluding": "4.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7388x5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B66E706E-56FB-4A49-BD90-76A8CB6BE391",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to other authorized users, which could cause IPsec traffic to be decrypted or modified by other authorized users on the device."
},
{
"lang": "es",
"value": "Este aviso documenta el impacto de una vulnerabilidad encontrada internamente en el agente de telemetr\u00eda de flujo de estado de Arista EOS TerminAttr y los protocolos de transporte OpenConfig. El impacto de esta vulnerabilidad es que, en determinadas condiciones, TerminAttr podr\u00eda filtrar datos confidenciales de IPsec en texto sin cifrar en CVP a otros usuarios autorizados, lo que podr\u00eda causar que el tr\u00e1fico IPsec sea descifrado o modificado por otros usuarios autorizados en el dispositivo"
}
],
"id": "CVE-2021-28508",
"lastModified": "2024-11-21T05:59:48.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-26T20:15:08.447",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-26 20:15
Modified
2024-11-21 05:59
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N
Summary
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5",
"versionEndExcluding": "1.10.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7",
"versionEndExcluding": "1.16.8",
"versionStartIncluding": "1.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5302364-97A9-470A-A2CE-B12B51DAF845",
"versionEndExcluding": "1.19.2",
"versionStartIncluding": "1.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2",
"versionEndIncluding": "4.23.11",
"versionStartIncluding": "4.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389",
"versionEndExcluding": "4.24.10",
"versionStartIncluding": "4.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51",
"versionEndExcluding": "4.25.8",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243",
"versionEndExcluding": "4.26.6",
"versionStartIncluding": "4.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C",
"versionEndExcluding": "4.27.4",
"versionStartIncluding": "4.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:ccs-722xpm-48y4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "074CBF00-1D2C-4388-874A-62453B1D4564",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:ccs-722xpm-48zy8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D15C1D00-5F35-4F67-8075-D84D3BD9CE73",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5",
"versionEndExcluding": "1.10.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7",
"versionEndExcluding": "1.16.8",
"versionStartIncluding": "1.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5302364-97A9-470A-A2CE-B12B51DAF845",
"versionEndExcluding": "1.19.2",
"versionStartIncluding": "1.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2",
"versionEndIncluding": "4.23.11",
"versionStartIncluding": "4.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389",
"versionEndExcluding": "4.24.10",
"versionStartIncluding": "4.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51",
"versionEndExcluding": "4.25.8",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243",
"versionEndExcluding": "4.26.6",
"versionStartIncluding": "4.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C",
"versionEndExcluding": "4.27.4",
"versionStartIncluding": "4.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FF0290-C671-4ABC-8A12-05E4D55FC4AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "828C6E4F-814A-4060-8F5E-7FF359C8739C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE35C17F-0C60-4A40-9949-D4C5D94D1D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07BA078E-30B7-4E2C-B240-BF64E98143E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFD0706-CACB-40FA-A41B-46B39C6E1D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5951D243-CB68-4B41-A913-D879CE502795",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73156612-D338-4E20-8C82-0E65DAA72331",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "388C57D8-4B3C-4E5D-84AA-0CB7506F825A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7050cx3-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C133EA-753A-4770-AEF8-11AC8E901F1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7050cx3-32s-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F270D9-1B05-4CBC-BEE0-0850C94BB9F0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7050cx3m-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D11D6B9-1E68-4A65-A9CD-8DD299EC6B25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7050sx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B7A876-587F-4C51-BE49-C82F6508C536",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7050sx3-48yc12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEB629B5-7E62-4972-A288-EF76FFA3E441",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7050sx3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33079D44-2255-4682-A4BC-4B071D8EDCFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:dcs-7050sx3-96yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69F1C5CA-19D7-4F40-93EB-97F44DCD5DCB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5",
"versionEndExcluding": "1.10.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7",
"versionEndExcluding": "1.16.8",
"versionStartIncluding": "1.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5302364-97A9-470A-A2CE-B12B51DAF845",
"versionEndExcluding": "1.19.2",
"versionStartIncluding": "1.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2",
"versionEndIncluding": "4.23.11",
"versionStartIncluding": "4.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389",
"versionEndExcluding": "4.24.10",
"versionStartIncluding": "4.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51",
"versionEndExcluding": "4.25.8",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243",
"versionEndExcluding": "4.26.6",
"versionStartIncluding": "4.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C",
"versionEndExcluding": "4.27.4",
"versionStartIncluding": "4.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7280cr2ak-30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99506386-8D68-46F4-AEA9-4C16C16545B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr2k-60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F569286-C19F-48CB-AB24-89C4A1EB6F81",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FEC18B3-7980-4EBF-8E15-F8E92DADD062",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87E85F7C-F33B-49C1-A526-ACC1BEF3B65C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E54F451-CA87-4F32-A088-AE18123CE07A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3k-32d4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16CB1780-6DEC-4140-A771-9139C77A8A88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3k-32p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11DE9CB6-4453-4EED-B7FC-6374F9225B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3k-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A98C94CB-7DFC-4CAC-9D98-B3E80BF1EE56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85D9E9FF-564E-4B16-8070-33A366F48FE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3k-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56AF4A54-7568-4FE0-BE5F-02BD9FADDCE5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F14163D2-B236-4C78-9DB4-97DE6D996EBC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280pr3k-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4057906A-B27B-4B53-97F6-3F5F35794990",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21CB1AAF-FC82-4A80-9932-42E8EFA3906A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60FC964C-9835-443A-A584-3A5D6022E914",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8143579F-AD53-4D74-AE3E-4D465DCD7A57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79AB0F1D-ACCA-490C-96F2-FC23A8611CB8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5",
"versionEndExcluding": "1.10.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7",
"versionEndExcluding": "1.16.8",
"versionStartIncluding": "1.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5302364-97A9-470A-A2CE-B12B51DAF845",
"versionEndExcluding": "1.19.2",
"versionStartIncluding": "1.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2",
"versionEndIncluding": "4.23.11",
"versionStartIncluding": "4.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389",
"versionEndExcluding": "4.24.10",
"versionStartIncluding": "4.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51",
"versionEndExcluding": "4.25.8",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243",
"versionEndExcluding": "4.26.6",
"versionStartIncluding": "4.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C",
"versionEndExcluding": "4.27.4",
"versionStartIncluding": "4.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7500r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "583725F6-8583-425C-A847-700DBB9169E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6A4B3C-FF12-4DCD-9945-8450AD0BDEED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1BB565-2668-4242-8A00-5CC9C30B9AC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F1A605-8836-4A64-AC5E-ADAB34F8F104",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8A047A-9FD9-4AE1-9E47-457A46BAE3A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019B0670-389B-4A4E-8C72-52202E3AA8EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5",
"versionEndExcluding": "1.10.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7",
"versionEndExcluding": "1.16.8",
"versionStartIncluding": "1.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5302364-97A9-470A-A2CE-B12B51DAF845",
"versionEndExcluding": "1.19.2",
"versionStartIncluding": "1.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2",
"versionEndIncluding": "4.23.11",
"versionStartIncluding": "4.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389",
"versionEndExcluding": "4.24.10",
"versionStartIncluding": "4.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51",
"versionEndExcluding": "4.25.8",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243",
"versionEndExcluding": "4.26.6",
"versionStartIncluding": "4.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C",
"versionEndExcluding": "4.27.4",
"versionStartIncluding": "4.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D19E86BF-AA91-4262-8EF9-B7FC48C6F3F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58443CDE-33D8-4460-A861-CDC07431AA22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64BE8C68-FE98-4162-A3D3-54494D5444F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3871AE3-43FC-4004-ACBD-8460FB89DED5",
"versionEndExcluding": "1.10.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E40AC-033C-4A35-AE27-6429B1DF27E7",
"versionEndExcluding": "1.16.8",
"versionStartIncluding": "1.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arista:terminattr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5302364-97A9-470A-A2CE-B12B51DAF845",
"versionEndExcluding": "1.19.2",
"versionStartIncluding": "1.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16525FC4-B685-49F7-A4D1-6581E27A1FE2",
"versionEndIncluding": "4.23.11",
"versionStartIncluding": "4.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC54BB20-D62F-476D-8A15-8F4D3B8AF389",
"versionEndExcluding": "4.24.10",
"versionStartIncluding": "4.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6AD50F-4318-4F22-A5F2-AC4A62156A51",
"versionEndExcluding": "4.25.8",
"versionStartIncluding": "4.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "69E76257-58E0-49F3-BE6E-063F6B061243",
"versionEndExcluding": "4.26.6",
"versionStartIncluding": "4.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "033E2C2B-5214-4E6F-A6ED-BA0B1EA0D09C",
"versionEndExcluding": "4.27.4",
"versionStartIncluding": "4.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7388x5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B66E706E-56FB-4A49-BD90-76A8CB6BE391",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device."
},
{
"lang": "es",
"value": "Este aviso documenta el impacto de una vulnerabilidad encontrada internamente en los protocolos de transporte TerminAttr y OpenConfig del agente de telemetr\u00eda de transmisi\u00f3n de estados de Arista EOS. El impacto de esta vulnerabilidad es que, en determinadas condiciones, TerminAttr podr\u00eda filtrar datos confidenciales MACsec en texto sin cifrar en CVP a otros usuarios autorizados, lo que podr\u00eda causar que el tr\u00e1fico MACsec sea descifrado o modificado por otros usuarios autorizados en el dispositivo"
}
],
"id": "CVE-2021-28509",
"lastModified": "2024-11-21T05:59:48.463",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.2,
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-26T20:15:08.500",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-05 22:15
Modified
2024-11-21 07:48
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4EBD228-42BD-48F2-A9FA-C7F007A401A3",
"versionEndIncluding": "4.25.10m",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "341CA00E-8BDE-4BF9-90D4-7B07FC484D18",
"versionEndExcluding": "4.26.10m",
"versionStartIncluding": "4.26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65C3AA23-CE24-48EE-B471-A03F451C6F35",
"versionEndExcluding": "4.27.10m",
"versionStartIncluding": "4.27.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "255A4F4F-1563-4557-BCBB-3BB1309A8889",
"versionEndExcluding": "4.28.7m",
"versionStartIncluding": "4.28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24621B26-04A1-4693-BCB4-437544C08B50",
"versionEndExcluding": "4.29.2f",
"versionStartIncluding": "4.29.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:ceos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6833D11-7AB5-41CC-83AE-FE28913DDFB8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:arista:cloudeos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "362F2E0F-3D40-444F-87F3-21CA70B1AD04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:arista:veos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D0B16F-F18E-48F9-87A5-AE0D9E5C3FAF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7010t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC3D5B4-3B6F-4F15-9CAA-B0D08B53FFC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7010t-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CCF6152-815E-4B3C-AE4B-CA598BEBD020",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7010tx-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E00C871-8EB3-4241-95F3-83A524A79FB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7010tx-48-dc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CC52FD-29BE-4037-9A7C-264ACF9F6C0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7020r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3371EEF-9D7A-4EF6-A435-A0F1034E5EE7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7020sr-24c2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7781CB15-3452-47D9-A961-8B09F2E9AEC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7020sr-32c2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09A31FB8-512E-43EF-8F87-E02E35F5251E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7020tr-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBFF922-28D7-42D6-8796-91AD9A178D28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7020tra-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561B4042-DFD3-4BC0-9C5F-74799A7E92C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FF0290-C671-4ABC-8A12-05E4D55FC4AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "828C6E4F-814A-4060-8F5E-7FF359C8739C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050qx-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "253D74DE-97F5-40F3-B179-D2D4442C57FD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050qx2-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75E03F9E-522F-4D9B-9267-09E2550B5465",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "895A7AFD-BE76-47F5-B67B-6279046E4274",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74E258EC-EA50-4185-AA35-5D963C359E74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1482D4FC-60B9-4C89-B892-71AA3E1031F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx2-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C99D84E9-2229-459E-AE90-49C2EF670884",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx2-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D922C725-1139-4DD4-92FC-9FF15E35CE62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE35C17F-0C60-4A40-9949-D4C5D94D1D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07BA078E-30B7-4E2C-B240-BF64E98143E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFD0706-CACB-40FA-A41B-46B39C6E1D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5951D243-CB68-4B41-A913-D879CE502795",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73156612-D338-4E20-8C82-0E65DAA72331",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78E7CDCC-ADC6-4854-BFC4-72DA47C5F10B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B03678D-AD7B-4B1A-8E6A-1811DD8B1483",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E803639C-13A1-48CA-A589-C83654AE454F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx2-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A495D282-D3DC-4D18-AB72-2358834C238E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "388C57D8-4B3C-4E5D-84AA-0CB7506F825A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060cx-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D518C8D5-A86B-46E5-A646-8939BFA2E116",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060cx2-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1608297-7079-4F3B-857E-708B74E944D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060dx4-32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "806A01C5-231D-4F9D-A292-E9DD706A0C66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060px4-32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC10746F-8FC0-49EF-BB9C-EC49B734DFA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060sx2-48yc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26582E98-B710-46D7-B8F2-9286E0592FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D832798-DA45-4F9E-AA31-5D088253A28A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7130-16g3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFA321D-F4A5-434C-BB39-D2B2687001D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7130-48g3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BE67B8-F326-48B7-AB82-04FE8C2E37E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7130-96s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3264E086-4E90-41D0-8583-8FCF3CE4885D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150s-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93D74C0B-E470-4D45-98E2-775DE43997DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150s-52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2CAA23-003C-43E6-87CE-61E4369C2D30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150s-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7445075-D130-472C-B259-6BACE678541D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150sc-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3FA52A-3A67-4515-9790-598860102893",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150sc-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6336F166-FAD3-4846-84B9-45F5FAA3D437",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7160-32cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7620401C-FB14-46F1-979B-B21194F90945",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7160-48tc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DFC236-44B3-4EEF-8937-4F86EE99EB45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7160-48yc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "823E5569-C918-40E6-A2C5-7C415E4ADEF5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8EFEEA5-0FC4-4FFC-BF5D-BDBAA1B55C70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170-32cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2959C68-8731-4F37-B9E7-61E5936D3D8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170-64c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FB3395-8D13-4477-A46E-37A88272CFAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170b-64c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EE3572E-A724-4057-8776-7A95528DCEE7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720df-48y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8FCDB83-38D5-4F02-97E2-BBEF891DCDD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720dp-24s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80EAF795-EB62-4A86-A0FC-A09008E631A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720dp-48s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA03BA0B-BB2D-41CF-BA2E-B21604D6FBC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720dt-24s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE185FD-0D4D-4862-B513-BC68BF3F9F7E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720dt-48s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46C2150F-2FD6-452F-8C56-7413E3EB8FDC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720dt-48y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44A568A1-BA88-458E-B69A-0A2A6C594728",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-24y6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFDBCBB-2C1A-4B88-AE28-EF63D5B9EDD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-24zy4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58757129-BF9C-4BD8-B692-BB57023F8A48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-48y6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2756BB4B-1053-4EAC-AC0B-785FD5039D5F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-48zc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D36540-7723-4284-A207-6BD27728CA25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-96zc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF95CB28-E010-4A1D-A746-F9DDF015868F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:722xpm-48y4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15876058-5E5D-4C87-83A3-592ADCA0AA6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:722xpm-48zy8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "426308A9-D534-4465-865C-39BC70548B00",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7250qx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DD95B3B-D655-42DC-85C2-2C6FDBCC77F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260cx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E40D14DE-BAFB-461F-9AA7-E3EDC2D8D468",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260cx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "901E5B76-0EB7-4EAD-A281-15B9F78041AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260cx3-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49BAE58E-F4B5-4C8F-9EEB-5A0F38A96F0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260qx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE1DE992-9BFA-4794-82F4-66F464BB384E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260qx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83A3811A-EB0E-464B-86E7-0E369935A507",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260sx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58296832-AA93-4EAE-96BD-28EC368F8391",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6466FE3-DCE8-4DA5-B893-2BA864F73BC5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21CB1AAF-FC82-4A80-9932-42E8EFA3906A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60FC964C-9835-443A-A584-3A5D6022E914",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x-32q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF8A65D-6FBC-4C38-8B45-418E6C5EB16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x-64s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F088D51-24F4-49AD-8397-73D1EAF45F56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x-64t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69BA5C6D-40C0-4AA3-AC10-D7F097D8EDD9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x3-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0040BDDF-D711-4619-9E96-96EFBD33CAA0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x3-48yc4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AA716D-CAD1-4689-8A26-977A2E5F869E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7320x-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD08CBF-6F42-4F98-B413-F65C5613BE6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7358x4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBC38094-A539-425D-A2B6-770FAF0FC3C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7368x4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "161DB0D9-9BAC-4546-88D3-5547F4B6149C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7388x5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B66E706E-56FB-4A49-BD90-76A8CB6BE391",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD5D5BB-96D6-43F5-A394-829E7866AF3B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06C61DCC-D1CF-4CE5-9634-4BE3E071E83E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC651584-113E-4859-9F14-12D62F3BD626",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "583725F6-8583-425C-A847-700DBB9169E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6A4B3C-FF12-4DCD-9945-8450AD0BDEED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1BB565-2668-4242-8A00-5CC9C30B9AC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F1A605-8836-4A64-AC5E-ADAB34F8F104",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8A047A-9FD9-4AE1-9E47-457A46BAE3A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019B0670-389B-4A4E-8C72-52202E3AA8EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D19E86BF-AA91-4262-8EF9-B7FC48C6F3F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58443CDE-33D8-4460-A861-CDC07431AA22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64BE8C68-FE98-4162-A3D3-54494D5444F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart."
}
],
"id": "CVE-2023-24510",
"lastModified": "2024-11-21T07:48:01.133",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-05T22:15:11.717",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17445-security-advisory-0087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17445-security-advisory-0087"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-10 19:15
Modified
2024-11-21 04:27
Severity ?
Summary
A vulnerability has been found in the implementation of the Label Distribution Protocol (LDP) protocol in EOS. Under race conditions, the LDP agent can establish an LDP session with a malicious peer potentially allowing the possibility of a Denial of Service (DoS) attack on route updates and in turn potentially leading to an Out of Memory (OOM) condition that is disruptive to traffic forwarding. Affected EOS versions include: 4.22 release train: 4.22.1F and earlier releases 4.21 release train: 4.21.0F - 4.21.2.3F, 4.21.3F - 4.21.7.1M 4.20 release train: 4.20.14M and earlier releases 4.19 release train: 4.19.12M and earlier releases End of support release trains (4.18 and 4.17)
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arista | extensible_operating_system | * | |
| arista | extensible_operating_system | * | |
| arista | extensible_operating_system | * | |
| arista | extensible_operating_system | * | |
| arista | extensible_operating_system | 4.17 | |
| arista | extensible_operating_system | 4.18 | |
| arista | extensible_operating_system | 4.22.1f | |
| arista | 7020r | - | |
| arista | 7280e | - | |
| arista | 7280r | - | |
| arista | 7280r2 | - | |
| arista | 7280r3 | - | |
| arista | 7500e | - | |
| arista | 7500r | - | |
| arista | 7500r2 | - | |
| arista | 7500r3 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF0622F4-B19E-4D53-A0AF-481F0D65AA87",
"versionEndIncluding": "4.19.12m",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1A9BBA3-708A-4F20-A9C1-54B1368D1BA8",
"versionEndIncluding": "4.20.14m",
"versionStartIncluding": "4.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F31FBFC-C81E-4BC1-AC4E-FBD0F0CD00B8",
"versionEndIncluding": "4.21.2.3f",
"versionStartIncluding": "4.21.0f",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:extensible_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49F87620-E066-4250-9745-A8B842612AFE",
"versionEndIncluding": "4.21.7",
"versionStartIncluding": "4.21.3f",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:extensible_operating_system:4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "7DB48708-D409-4379-9F2C-170F3A1B53BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:extensible_operating_system:4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0823B5-1F76-4712-A17A-C43DCAA189DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:extensible_operating_system:4.22.1f:*:*:*:*:*:*:*",
"matchCriteriaId": "A96FAAFE-DB6E-40CA-A0FF-C9C76C8DF1C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7020r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3371EEF-9D7A-4EF6-A435-A0F1034E5EE7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6466FE3-DCE8-4DA5-B893-2BA864F73BC5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C02B50F5-B316-4081-BC9E-6F1778049096",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21CB1AAF-FC82-4A80-9932-42E8EFA3906A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60FC964C-9835-443A-A584-3A5D6022E914",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06C61DCC-D1CF-4CE5-9634-4BE3E071E83E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC651584-113E-4859-9F14-12D62F3BD626",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "583725F6-8583-425C-A847-700DBB9169E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6A4B3C-FF12-4DCD-9945-8450AD0BDEED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in the implementation of the Label Distribution Protocol (LDP) protocol in EOS. Under race conditions, the LDP agent can establish an LDP session with a malicious peer potentially allowing the possibility of a Denial of Service (DoS) attack on route updates and in turn potentially leading to an Out of Memory (OOM) condition that is disruptive to traffic forwarding. Affected EOS versions include: 4.22 release train: 4.22.1F and earlier releases 4.21 release train: 4.21.0F - 4.21.2.3F, 4.21.3F - 4.21.7.1M 4.20 release train: 4.20.14M and earlier releases 4.19 release train: 4.19.12M and earlier releases End of support release trains (4.18 and 4.17)"
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en la implementaci\u00f3n del protocolo Label Distribution Protocol (LDP) en EOS. En condiciones de carrera, el agente de LDP puede establecer una sesi\u00f3n de LDP con un peer malicioso, permitiendo potencialmente la posibilidad de un ataque de Denegaci\u00f3n de Servicio (DoS) sobre las actualizaciones de ruta y, a su vez, conllevando potencialmente a una condici\u00f3n Out of Memory (OOM) que es perjudicial para el reenv\u00edo de tr\u00e1fico. Las versiones EOS afectadas incluyen: tren de publicaciones de 4.22: 4.22.1F y versiones anteriores; tren de publicaciones de 4.21: 4.21.0F hasta 4.21.2.3F, 4.21.3F hasta 4.21.7.1M; tren de publicaciones de 4.20: 4.20.14M y versiones anteriores; tren de publicaciones de 4.19: 4.19.12M y versiones anteriores; trenes de publicaciones de fin de soporte (4.18 y 4.17)"
}
],
"id": "CVE-2019-14810",
"lastModified": "2024-11-21T04:27:24.337",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-10T19:15:10.950",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/8321-security-advisory-42"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/8321-security-advisory-42"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2023-24510
Vulnerability from cvelistv5
Published
2023-06-05 00:00
Modified
2025-01-08 17:46
Severity ?
EPSS score ?
Summary
On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Arista Networks | Arista EOS |
Version: 4.25.0F < Version: 4.26.0F < Version: 4.27.0F < Version: 4.28.0F < Version: 4.29.0F < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:04.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17445-security-advisory-0087"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24510",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-08T17:46:21.374238Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T17:46:55.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Arista EOS",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "4.25.10M",
"status": "affected",
"version": "4.25.0F",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.26.9M",
"status": "affected",
"version": "4.26.0F",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.27.9M",
"status": "affected",
"version": "4.27.0F",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.28.6.1M",
"status": "affected",
"version": "4.28.0F",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.29.1F",
"status": "affected",
"version": "4.29.0F",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "In order to be vulnerable to CVE-2023-24510, the following condition must be met:\nAt least two \u201cip helper-address\u201d commands for the DHCP server are configured on the same interface.\n \u2013 Scenario One: One command uses \u201csource-interface\u201d, with or without being in a VRF. The second command does not use a source-interface and does not use a VRF.\n \u2013 Scenario Two: One command is run inside of a VRF. The second command does not use a source-interface and does not use a VRF."
}
],
"datePublic": "2023-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-05T00:00:00",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17445-security-advisory-0087"
}
],
"solutions": [
{
"lang": "en",
"value": "CVE-2023-24510 has been fixed in the following releases:\n - 4.29.2F and later releases in the 4.29.x train\n - 4.28.7M and later releases in the 4.28.x train\n - 4.27.10M and later releases in the 4.27.x train\n - 4.26.10M and later releases in the 4.26.x train"
}
],
"source": {
"advisory": "Security Advisory 0087",
"defect": [
"BUG753188"
],
"discovery": "INTERNAL"
},
"title": "On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.",
"workarounds": [
{
"lang": "en",
"value": "The hotfix https://www.arista.com/support/advisories-notices/sa-download?sa=87-SecurityAdvisory87_Hotfix.swix can be used to remediate CVE-2023-24510. The hotfix only applies to the releases listed below and no other releases:\n - 4.29.1F and below releases in the 4.29.x train\n - 4.28.6.1M and below releases in the 4.28.x train\n - 4.27.9M and below releases in the 4.27.x train\n - 4.26.9M and below releases in the 4.26.x train\n - 4.25.10M and below releases in the 4.25.x train"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2023-24510",
"datePublished": "2023-06-05T00:00:00",
"dateReserved": "2023-01-24T00:00:00",
"dateUpdated": "2025-01-08T17:46:55.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28509
Vulnerability from cvelistv5
Published
2022-05-26 19:50
Modified
2024-09-16 20:32
Severity ?
EPSS score ?
Summary
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device.
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Arista Networks | Arista EOS |
Version: 4.23 < Version: 4.24 < Version: 4.25 < Version: 4.26 < Version: 4.27 < |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Arista EOS",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "4.23.11",
"status": "affected",
"version": "4.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.24.9",
"status": "affected",
"version": "4.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.25.7",
"status": "affected",
"version": "4.25",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.26.5",
"status": "affected",
"version": "4.26",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.27.3",
"status": "affected",
"version": "4.27",
"versionType": "custom"
}
]
},
{
"product": "Arista TerminAttr",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "v1.10.10",
"status": "affected",
"version": "v1.10",
"versionType": "custom"
},
{
"lessThanOrEqual": "v1.16.7",
"status": "affected",
"version": "v1.16",
"versionType": "custom"
},
{
"lessThanOrEqual": "v1.19.1",
"status": "affected",
"version": "v1.19",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-255",
"description": "CWE-255 Credentials Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-26T19:50:36",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"
}
],
"solutions": [
{
"lang": "en",
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience.\n\nThe vulnerability is fixed in the following versions:\n\nEOS versions:\n 4.24.10 and later release in the 4.24.x train\n 4.25.8 and later releases in the 4.25.x train\n 4.26.6 and later releases in the 4.26.x train\n 4.27.4 and later releases in the 4.27.x train\nTerminAttr versions:\n TerminAttr v1.10.11 and later releases in the v1.10.x train\n TerminAttr v1.16.8 and later releases in the v1.16.x train\n TerminAttr v1.19.2 and later releases"
}
],
"source": {
"advisory": "Security Advisory 0077",
"defect": [
"CVE-2021-28509"
],
"discovery": "INTERNAL"
},
"title": "TerminAttr streams MACsec sensitive data in clear text to other authorized users in CVP",
"workarounds": [
{
"lang": "en",
"value": "On the affected versions, the vulnerabilities can be mitigated by disabling TerminAttr agent."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@arista.com",
"DATE_PUBLIC": "2022-05-25T16:10:00.000Z",
"ID": "CVE-2021-28509",
"STATE": "PUBLIC",
"TITLE": "TerminAttr streams MACsec sensitive data in clear text to other authorized users in CVP"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Arista EOS",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "4.23",
"version_value": "4.23.11"
},
{
"version_affected": "\u003c=",
"version_name": "4.24",
"version_value": "4.24.9"
},
{
"version_affected": "\u003c=",
"version_name": "4.25",
"version_value": "4.25.7"
},
{
"version_affected": "\u003c=",
"version_name": "4.26",
"version_value": "4.26.5"
},
{
"version_affected": "\u003c=",
"version_name": "4.27",
"version_value": "4.27.3"
}
]
}
},
{
"product_name": "Arista TerminAttr",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "v1.10",
"version_value": "v1.10.10"
},
{
"version_affected": "\u003c=",
"version_name": "v1.16",
"version_value": "v1.16.7"
},
{
"version_affected": "\u003c=",
"version_name": "v1.19",
"version_value": "v1.19.1"
}
]
}
}
]
},
"vendor_name": "Arista Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-255 Credentials Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"
}
]
},
"solution": [
{
"lang": "en",
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience.\n\nThe vulnerability is fixed in the following versions:\n\nEOS versions:\n 4.24.10 and later release in the 4.24.x train\n 4.25.8 and later releases in the 4.25.x train\n 4.26.6 and later releases in the 4.26.x train\n 4.27.4 and later releases in the 4.27.x train\nTerminAttr versions:\n TerminAttr v1.10.11 and later releases in the v1.10.x train\n TerminAttr v1.16.8 and later releases in the v1.16.x train\n TerminAttr v1.19.2 and later releases"
}
],
"source": {
"advisory": "Security Advisory 0077",
"defect": [
"CVE-2021-28509"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "On the affected versions, the vulnerabilities can be mitigated by disabling TerminAttr agent."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2021-28509",
"datePublished": "2022-05-26T19:50:36.432905Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T20:32:30.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-24511
Vulnerability from cvelistv5
Published
2023-04-12 00:00
Modified
2024-08-02 10:56
Severity ?
EPSS score ?
Summary
On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process. This may result in the snmpd processing being terminated (causing SNMP requests to time out until snmpd is automatically restarted) and potential memory resource exhaustion for other processes on the switch. The vulnerability does not have any confidentiality or integrity impacts to the system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Arista Networks | EOS |
Version: 4.28.0 4.28.5.1M Version: 4.27.0 4.27.8.1M Version: 4.26.0 4.26.9M Version: 4.25.0 4.25.10M Version: 4.24.0 4.24.11M Version: 4.29.0 < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:04.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17239-security-advisory-0084"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EOS",
"vendor": "Arista Networks",
"versions": [
{
"status": "affected",
"version": "4.28.0 4.28.5.1M"
},
{
"status": "affected",
"version": "4.27.0 4.27.8.1M"
},
{
"status": "affected",
"version": "4.26.0 4.26.9M"
},
{
"status": "affected",
"version": "4.25.0 4.25.10M"
},
{
"status": "affected",
"version": "4.24.0 4.24.11M"
},
{
"lessThanOrEqual": "4.29.1F",
"status": "affected",
"version": "4.29.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "In order to be vulnerable to CVE-2023-24511, the following condition must be met:\n\nSNMP must be configured:\n"
}
],
"datePublic": "2023-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process. This may result in the snmpd processing being terminated (causing SNMP requests to time out until snmpd is automatically restarted) and potential memory resource exhaustion for other processes on the switch. The vulnerability does not have any confidentiality or integrity impacts to the system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401 Improper Release of Memory Before Removing Last Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T00:00:00",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17239-security-advisory-0084"
}
],
"solutions": [
{
"lang": "en",
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Artista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see Eos User Manual: Upgrades and Downgrades\n\nCVE-2023-24511 has been fixed in the following releases:\n4.29.2F and later releases in the 4.29.x train\n4.28.6M and later releases in the 4.28.x train\n4.27.9M and later releases in the 4.27.x train\n4.26.10M and later releases in the 4.26.x train\n"
},
{
"lang": "en",
"value": "The following hotfix can be applied to remediate CVE-2023-24511. The hotfix only applies to the releases listed below and no other releases. All other versions require upgrading to a release containing the fix (as listed above).: \n\n4.29.1F and below releases in the 4.29.x train\n4.28.5.1M and below releases in the 4.28.x train\n4.27.8.1M and below releases in the 4.27.x train\n4.26.9M and below releases in the 4.26.x train\n\nNote: Installing/uninstalling the SWIX will cause the snmpd process to restart\nVersion: 1.0\nURL:SecurityAdvisory84_CVE-2023-24511_Hotfix.swix\nSWIX hash:SecurityAdvisory84_CVE-2023-24511_Hotfix.swix\n(SHA-512)da2bc1fd2c7fc718e3c72c7ce83dc1caa05150cbe2f081c8cc3ed40ce787f7e24dff5202e621ef5f2af89f72afd25f7476d02f722ffe8e8c7d24c101cbbfe0e5"
}
],
"source": {
"advisory": "84",
"defect": [
"751040"
],
"discovery": "EXTERNAL"
},
"title": "On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process.",
"workarounds": [
{
"lang": "en",
"value": "If you suspect you are encountering this issue due to malicious activity, the workaround is to enable SNMP service ACLs to only allow specific IP addresses to query SNMP (combined with anti-spoofing ACLs in the rest of the network).\n\nsnmp-server ipv4 access-list allowHosts4\nsnmp-server ipv6 access-list allowHosts6\n!\nipv6 access-list allowHosts6\n 10 permit ipv6 host \u003cipv6 address\u003e any\n!\nip access-list allowHosts4\n 10 permit ip host \u003cipv4 address\u003e any\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2023-24511",
"datePublished": "2023-04-12T00:00:00",
"dateReserved": "2023-01-24T00:00:00",
"dateUpdated": "2024-08-02T10:56:04.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-14810
Vulnerability from cvelistv5
Published
2019-10-10 18:07
Modified
2024-08-05 00:26
Severity ?
EPSS score ?
Summary
A vulnerability has been found in the implementation of the Label Distribution Protocol (LDP) protocol in EOS. Under race conditions, the LDP agent can establish an LDP session with a malicious peer potentially allowing the possibility of a Denial of Service (DoS) attack on route updates and in turn potentially leading to an Out of Memory (OOM) condition that is disruptive to traffic forwarding. Affected EOS versions include: 4.22 release train: 4.22.1F and earlier releases 4.21 release train: 4.21.0F - 4.21.2.3F, 4.21.3F - 4.21.7.1M 4.20 release train: 4.20.14M and earlier releases 4.19 release train: 4.19.12M and earlier releases End of support release trains (4.18 and 4.17)
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.arista.com/en/support/advisories-notices | x_refsource_MISC | |
| https://www.arista.com/en/support/advisories-notices/security-advisories/8321-security-advisory-42 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:26:39.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/8321-security-advisory-42"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in the implementation of the Label Distribution Protocol (LDP) protocol in EOS. Under race conditions, the LDP agent can establish an LDP session with a malicious peer potentially allowing the possibility of a Denial of Service (DoS) attack on route updates and in turn potentially leading to an Out of Memory (OOM) condition that is disruptive to traffic forwarding. Affected EOS versions include: 4.22 release train: 4.22.1F and earlier releases 4.21 release train: 4.21.0F - 4.21.2.3F, 4.21.3F - 4.21.7.1M 4.20 release train: 4.20.14M and earlier releases 4.19 release train: 4.19.12M and earlier releases End of support release trains (4.18 and 4.17)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-10T18:07:51",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/8321-security-advisory-42"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in the implementation of the Label Distribution Protocol (LDP) protocol in EOS. Under race conditions, the LDP agent can establish an LDP session with a malicious peer potentially allowing the possibility of a Denial of Service (DoS) attack on route updates and in turn potentially leading to an Out of Memory (OOM) condition that is disruptive to traffic forwarding. Affected EOS versions include: 4.22 release train: 4.22.1F and earlier releases 4.21 release train: 4.21.0F - 4.21.2.3F, 4.21.3F - 4.21.7.1M 4.20 release train: 4.20.14M and earlier releases 4.19 release train: 4.19.12M and earlier releases End of support release trains (4.18 and 4.17)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.arista.com/en/support/advisories-notices",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/8321-security-advisory-42",
"refsource": "CONFIRM",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/8321-security-advisory-42"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-14810",
"datePublished": "2019-10-10T18:07:51",
"dateReserved": "2019-08-10T00:00:00",
"dateUpdated": "2024-08-05T00:26:39.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28510
Vulnerability from cvelistv5
Published
2023-01-24 00:00
Modified
2024-08-03 21:47
Severity ?
EPSS score ?
Summary
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Arista Networks | EOS |
Version: 4.22 Version: 4.27.1 < Version: 4.26.4 < Version: 4.25.6 < Version: 4.24.8 < Version: 4.23.10 < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EOS",
"vendor": "Arista Networks",
"versions": [
{
"status": "affected",
"version": "4.22"
},
{
"lessThanOrEqual": "4.27.0",
"status": "affected",
"version": "4.27.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.26.0",
"status": "affected",
"version": "4.26.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.25.0",
"status": "affected",
"version": "4.25.6",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.24.0",
"status": "affected",
"version": "4.24.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.23.0",
"status": "affected",
"version": "4.23.10",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-24T00:00:00",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076"
}
],
"solutions": [
{
"lang": "en",
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Artista recommends customers move to the latest version of each release that contains all the fixes listed below.\n\nCVE-2021-28510 has been fixed in the following releases:\n4.27.2 and later releases in the 4.27.x train\n4.26.5 and later releases in the 4.26.x train\n4.25.7 and later releases in the 4.25.x train\n4.24.9 and later releases in the 4.24.x train\n4.23.11 and later releases in the 4.23.x train\n"
},
{
"lang": "en",
"value": "Hotfix\n\nThe following hotfix can be applied to remediate CVE-2021-28510\nNote: Installing/uninstalling the SWIX will cause the PTP agent to restart.\n\nVersion: 1.0\nURL:SecurityAdvisory76_CVE-2021-28510_Hotfix.swix\n\nSWIX hash: (SHA-512)2b78b8274b7c73083775b0327e13819c655db07e22b80038bb3843002c679a798b53a4638c549a86183e01a835377bf262d27e60020a39516a5d215e2fadb437 "
}
],
"source": {
"advisory": "76",
"defect": [
"BUG",
"638107"
],
"discovery": "INTERNAL"
},
"title": "For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.",
"workarounds": [
{
"lang": "en",
"value": "Install ACL rules to drop PTP packets from untrusted sources. Best practice is to block access to untrusted (non-management) networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2021-28510",
"datePublished": "2023-01-24T00:00:00",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-08-03T21:47:32.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28508
Vulnerability from cvelistv5
Published
2022-05-26 19:48
Modified
2024-09-16 19:47
Severity ?
EPSS score ?
Summary
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to other authorized users, which could cause IPsec traffic to be decrypted or modified by other authorized users on the device.
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Arista Networks | Arista EOS |
Version: 4.23 < Version: 4.24 < Version: 4.25 < Version: 4.26 < Version: 4.27 < |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.720Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Arista EOS",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "4.23.11",
"status": "affected",
"version": "4.23",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.24.9",
"status": "affected",
"version": "4.24",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.25.7",
"status": "affected",
"version": "4.25",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.26.5",
"status": "affected",
"version": "4.26",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.27.3",
"status": "affected",
"version": "4.27",
"versionType": "custom"
}
]
},
{
"product": "Arista TerminAttr",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "v1.10.10",
"status": "affected",
"version": "v1.10",
"versionType": "custom"
},
{
"lessThanOrEqual": "v1.16.7",
"status": "affected",
"version": "v1.16",
"versionType": "custom"
},
{
"lessThanOrEqual": "v1.18.1",
"status": "affected",
"version": "v1.18",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to other authorized users, which could cause IPsec traffic to be decrypted or modified by other authorized users on the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-255",
"description": "CWE-255 Credentials Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-26T19:48:13",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"
}
],
"solutions": [
{
"lang": "en",
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience.\n\nThe vulnerability is fixed in the following versions:\n\nEOS versions:\n 4.24.10 and later release in the 4.24.x train\n 4.25.8 and later releases in the 4.25.x train\n 4.26.6 and later releases in the 4.26.x train\n 4.27.2 and later releases in the 4.27.x train\nTerminAttr versions:\n TerminAttr v1.10.11 and later releases in the v1.10.x train\n TerminAttr v1.16.8 and later releases in the v1.16.x train\n TerminAttr v1.19.0 and later releases"
}
],
"source": {
"advisory": "Security Advisory 0077",
"defect": [
"CVE-2021-28508"
],
"discovery": "INTERNAL"
},
"title": "TerminAttr streams IPsec sensitive data in clear text to other authorized users in CVP",
"workarounds": [
{
"lang": "en",
"value": "On the affected versions, the vulnerabilities can be mitigated by disabling TerminAttr agent."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@arista.com",
"DATE_PUBLIC": "2022-05-25T16:10:00.000Z",
"ID": "CVE-2021-28508",
"STATE": "PUBLIC",
"TITLE": "TerminAttr streams IPsec sensitive data in clear text to other authorized users in CVP"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Arista EOS",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "4.23",
"version_value": "4.23.11"
},
{
"version_affected": "\u003c=",
"version_name": "4.24",
"version_value": "4.24.9"
},
{
"version_affected": "\u003c=",
"version_name": "4.25",
"version_value": "4.25.7"
},
{
"version_affected": "\u003c=",
"version_name": "4.26",
"version_value": "4.26.5"
},
{
"version_affected": "\u003c=",
"version_name": "4.27",
"version_value": "4.27.3"
}
]
}
},
{
"product_name": "Arista TerminAttr",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "v1.10",
"version_value": "v1.10.10"
},
{
"version_affected": "\u003c=",
"version_name": "v1.16",
"version_value": "v1.16.7"
},
{
"version_affected": "\u003c=",
"version_name": "v1.18",
"version_value": "v1.18.1"
}
]
}
}
]
},
"vendor_name": "Arista Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to other authorized users, which could cause IPsec traffic to be decrypted or modified by other authorized users on the device."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-255 Credentials Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/15484-security-advisory-0077"
}
]
},
"solution": [
{
"lang": "en",
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience.\n\nThe vulnerability is fixed in the following versions:\n\nEOS versions:\n 4.24.10 and later release in the 4.24.x train\n 4.25.8 and later releases in the 4.25.x train\n 4.26.6 and later releases in the 4.26.x train\n 4.27.2 and later releases in the 4.27.x train\nTerminAttr versions:\n TerminAttr v1.10.11 and later releases in the v1.10.x train\n TerminAttr v1.16.8 and later releases in the v1.16.x train\n TerminAttr v1.19.0 and later releases"
}
],
"source": {
"advisory": "Security Advisory 0077",
"defect": [
"CVE-2021-28508"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "On the affected versions, the vulnerabilities can be mitigated by disabling TerminAttr agent."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2021-28508",
"datePublished": "2022-05-26T19:48:13.716111Z",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-09-16T19:47:13.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}