All the vulnerabilites related to arista - 7508r3
Vulnerability from fkie_nvd
Published
2023-08-29 17:15
Modified
2024-11-21 08:17
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@arista.com | https://www.arista.com/en/support/advisories-notices/security-advisory/18042-security-advisory-0088 | Exploit, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.arista.com/en/support/advisories-notices/security-advisory/18042-security-advisory-0088 | Exploit, Mitigation, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24F7B09D-0669-4855-A981-E462090A10F0",
"versionEndIncluding": "4.28.5.1m",
"versionStartIncluding": "4.28.2f",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24621B26-04A1-4693-BCB4-437544C08B50",
"versionEndExcluding": "4.29.2f",
"versionStartIncluding": "4.29.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FEC18B3-7980-4EBF-8E15-F8E92DADD062",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87E85F7C-F33B-49C1-A526-ACC1BEF3B65C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-36s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3B9CB1B-730E-45C9-A0B1-3C2F4A72A159",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E54F451-CA87-4F32-A088-AE18123CE07A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3a-24d12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43B967ED-2212-4558-A9AC-ACA94C94FD39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3a-48d6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7877C6-9DE4-4952-94D2-3A456D02CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3a-72:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FD635FB-5EA8-4B02-894C-4C016090AAB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85D9E9FF-564E-4B16-8070-33A366F48FE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3a-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1F6DBC-212F-4E0B-B039-06955322B0D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3a-54:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC474A71-8D2F-4138-9D65-E2F86B0B62DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3ak-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1943057A-5776-4B20-97C7-03CE14AEA367",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3ak-54:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE86A14-76ED-4427-94CC-7BF335BB9369",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3am-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "986DCBF4-E4FB-41EE-BD1B-D62A4EC7237E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3am-54:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA04EA0-170A-4B79-96B8-8F09D6FFC261",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F14163D2-B236-4C78-9DB4-97DE6D996EBC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60FC964C-9835-443A-A584-3A5D6022E914",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3-40yc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B5A8D4-43BA-4591-BE00-00031D4BDBE3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8143579F-AD53-4D74-AE3E-4D465DCD7A57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280tr3-40c6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "939772F0-4352-46C1-B6D5-38FA12EBF6E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7289r3a-sc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A375EB2-6D78-4D81-AB8D-4AC501DC0A4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7289r3ak-sc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8CA46EA-F9AE-42FA-A0D9-EDB82060AB6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7289r3am-sc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F9FD45E-2D76-43A0-AE2A-C6DC59C45984",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1BB565-2668-4242-8A00-5CC9C30B9AC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F1A605-8836-4A64-AC5E-ADAB34F8F104",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8A047A-9FD9-4AE1-9E47-457A46BAE3A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019B0670-389B-4A4E-8C72-52202E3AA8EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3k-48y4d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCDF5089-5914-4B4F-A2E6-0EB2B40698A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7504r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8387CCEA-F00C-4F1F-B966-ACF8B16F1D22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7508r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55AE2A1C-A4FD-423B-A77E-2E24C2310A6A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7512r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B0D708-B426-4CA1-BE87-08BD14B7EACE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-36d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E49B089-AE52-4B47-A3B4-547D10ACED9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D19E86BF-AA91-4262-8EF9-B7FC48C6F3F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58443CDE-33D8-4460-A861-CDC07431AA22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3a-36d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26FDC60C-860F-40BD-AF13-54712B56C87F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3a-36dm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70658CB0-D114-40E5-866D-B21875FFF93C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3a-36p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBA281-F67E-4D13-BDCD-E1164912EC8C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3a-36pm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B0C0EE-3C5E-4E3E-9BAE-9D5D06A98CAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3ak-36dm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABAC894C-D39E-4BB2-A968-E2F23C299A29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3ak-36pm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C6E3F9-0191-4BC5-A89C-58BF13C195B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3k-36dm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B813A1-8BD1-4AFA-95A3-5947A918E9AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64BE8C68-FE98-4162-A3D3-54494D5444F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3k-48cqms:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9615121C-4EC0-44F5-8C00-E70271CC04A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3k-72y7512r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "185E4E68-D5EF-4B7B-B1EF-7EF1B00F118C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F078B04-2DA0-4A4B-BB1A-408DC14CB61F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7812r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B99200-EC76-404E-9900-5D1DC3B9A758",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7816r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A172A49-1A0E-464B-BDDD-A8F52856D595",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.\n"
}
],
"id": "CVE-2023-3646",
"lastModified": "2024-11-21T08:17:44.693",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-29T17:15:12.727",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/18042-security-advisory-0088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/18042-security-advisory-0088"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-01-26 21:15
Modified
2024-11-21 05:59
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@arista.com | https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076 | Exploit, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076 | Exploit, Mitigation, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1978B5F4-4405-4E7C-B0A9-45FF6FBBC1DA",
"versionEndExcluding": "4.23.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59C68E33-DDB0-473A-BCEA-0769924F3F8D",
"versionEndExcluding": "4.24.8",
"versionStartIncluding": "4.24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F3649E5-79A3-4A34-8EB8-31B8F40753F2",
"versionEndExcluding": "4.25.6",
"versionStartIncluding": "4.25.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFC4A4F-A4A6-4C0A-A144-9635F5DBC972",
"versionEndExcluding": "4.26.4",
"versionStartIncluding": "4.26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60DB1F59-64F8-4EC0-8C56-2AB5E2316CEA",
"versionEndExcluding": "4.27.1",
"versionStartIncluding": "4.27.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7020r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3371EEF-9D7A-4EF6-A435-A0F1034E5EE7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FF0290-C671-4ABC-8A12-05E4D55FC4AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "828C6E4F-814A-4060-8F5E-7FF359C8739C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050qx-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "253D74DE-97F5-40F3-B179-D2D4442C57FD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050qx2-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75E03F9E-522F-4D9B-9267-09E2550B5465",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "895A7AFD-BE76-47F5-B67B-6279046E4274",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74E258EC-EA50-4185-AA35-5D963C359E74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1482D4FC-60B9-4C89-B892-71AA3E1031F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx2-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C99D84E9-2229-459E-AE90-49C2EF670884",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx2-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D922C725-1139-4DD4-92FC-9FF15E35CE62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE35C17F-0C60-4A40-9949-D4C5D94D1D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07BA078E-30B7-4E2C-B240-BF64E98143E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFD0706-CACB-40FA-A41B-46B39C6E1D33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5951D243-CB68-4B41-A913-D879CE502795",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73156612-D338-4E20-8C82-0E65DAA72331",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78E7CDCC-ADC6-4854-BFC4-72DA47C5F10B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B03678D-AD7B-4B1A-8E6A-1811DD8B1483",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E803639C-13A1-48CA-A589-C83654AE454F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx2-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A495D282-D3DC-4D18-AB72-2358834C238E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "388C57D8-4B3C-4E5D-84AA-0CB7506F825A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060cx-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D518C8D5-A86B-46E5-A646-8939BFA2E116",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060cx2-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1608297-7079-4F3B-857E-708B74E944D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060dx4-32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "806A01C5-231D-4F9D-A292-E9DD706A0C66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060px4-32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC10746F-8FC0-49EF-BB9C-EC49B734DFA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7060sx2-48yc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26582E98-B710-46D7-B8F2-9286E0592FA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150s-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93D74C0B-E470-4D45-98E2-775DE43997DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150s-52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2CAA23-003C-43E6-87CE-61E4369C2D30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150s-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7445075-D130-472C-B259-6BACE678541D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150sc-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3FA52A-3A67-4515-9790-598860102893",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7150sc-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6336F166-FAD3-4846-84B9-45F5FAA3D437",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8EFEEA5-0FC4-4FFC-BF5D-BDBAA1B55C70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170-32cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2959C68-8731-4F37-B9E7-61E5936D3D8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7170-64c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FB3395-8D13-4477-A46E-37A88272CFAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-24y6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFDBCBB-2C1A-4B88-AE28-EF63D5B9EDD2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-24zy4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58757129-BF9C-4BD8-B692-BB57023F8A48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-48y6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2756BB4B-1053-4EAC-AC0B-785FD5039D5F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-48zc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D36540-7723-4284-A207-6BD27728CA25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:720xp-96zc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF95CB28-E010-4A1D-A746-F9DDF015868F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7250qx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DD95B3B-D655-42DC-85C2-2C6FDBCC77F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260cx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E40D14DE-BAFB-461F-9AA7-E3EDC2D8D468",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260cx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "901E5B76-0EB7-4EAD-A281-15B9F78041AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260cx3-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49BAE58E-F4B5-4C8F-9EEB-5A0F38A96F0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7260qx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE1DE992-9BFA-4794-82F4-66F464BB384E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6466FE3-DCE8-4DA5-B893-2BA864F73BC5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C02B50F5-B316-4081-BC9E-6F1778049096",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21CB1AAF-FC82-4A80-9932-42E8EFA3906A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60FC964C-9835-443A-A584-3A5D6022E914",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8143579F-AD53-4D74-AE3E-4D465DCD7A57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79AB0F1D-ACCA-490C-96F2-FC23A8611CB8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x-32q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF8A65D-6FBC-4C38-8B45-418E6C5EB16C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x-64s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F088D51-24F4-49AD-8397-73D1EAF45F56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x-64t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69BA5C6D-40C0-4AA3-AC10-D7F097D8EDD9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x3-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0040BDDF-D711-4619-9E96-96EFBD33CAA0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7300x3-48yc4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AA716D-CAD1-4689-8A26-977A2E5F869E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7304x3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78FE473B-CA6E-4E8D-8DBF-676B1ECBB185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7308x3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F1EF943-154C-4B5B-B803-E186FEA8C5A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7320x-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD08CBF-6F42-4F98-B413-F65C5613BE6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7324x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8862F74-E399-41EE-A081-62D99A7C1755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7328x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F16261D-639F-4CAB-BDA6-EF3F277E663C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7368x4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "161DB0D9-9BAC-4546-88D3-5547F4B6149C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06C61DCC-D1CF-4CE5-9634-4BE3E071E83E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC651584-113E-4859-9F14-12D62F3BD626",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "583725F6-8583-425C-A847-700DBB9169E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6A4B3C-FF12-4DCD-9945-8450AD0BDEED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1BB565-2668-4242-8A00-5CC9C30B9AC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F1A605-8836-4A64-AC5E-ADAB34F8F104",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8A047A-9FD9-4AE1-9E47-457A46BAE3A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019B0670-389B-4A4E-8C72-52202E3AA8EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7504r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8387CCEA-F00C-4F1F-B966-ACF8B16F1D22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7508r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55AE2A1C-A4FD-423B-A77E-2E24C2310A6A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7512r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B0D708-B426-4CA1-BE87-08BD14B7EACE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D19E86BF-AA91-4262-8EF9-B7FC48C6F3F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58443CDE-33D8-4460-A861-CDC07431AA22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64BE8C68-FE98-4162-A3D3-54494D5444F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7804r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A54F3D32-5A07-4791-90BF-96BD8A24C2F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F078B04-2DA0-4A4B-BB1A-408DC14CB61F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable."
},
{
"lang": "es",
"value": "Para ciertos sistemas que ejecutan EOS, un paquete de protocolo de tiempo de precisi\u00f3n (PTP) de un mensaje de administraci\u00f3n/se\u00f1alizaci\u00f3n con un valor de tipo, longitud y valor (TLV) no v\u00e1lido hace que el agente PTP se reinicie. Los reinicios repetidos del servicio har\u00e1n que el servicio no est\u00e9 disponible."
}
],
"id": "CVE-2021-28510",
"lastModified": "2024-11-21T05:59:48.603",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-26T21:15:22.147",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-13 20:15
Modified
2024-11-21 07:48
Severity ?
9.3 (Critical) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a privilege escalation. Valid user credentials are required in order to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@arista.com | https://www.arista.com/en/support/advisories-notices/security-advisory/16985-security-advisory-0082 | Exploit, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.arista.com/en/support/advisories-notices/security-advisory/16985-security-advisory-0082 | Exploit, Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arista | eos | * | |
| arista | eos | * | |
| arista | eos | * | |
| arista | eos | * | |
| arista | eos | * | |
| arista | eos | * | |
| arista | 704x3 | - | |
| arista | 7304x | - | |
| arista | 7304x3 | - | |
| arista | 7308x | - | |
| arista | 7316x | - | |
| arista | 7324x | - | |
| arista | 7328x | - | |
| arista | 7504r | - | |
| arista | 7504r3 | - | |
| arista | 7508r | - | |
| arista | 7508r3 | - | |
| arista | 7512r | - | |
| arista | 7512r3 | - | |
| arista | 7516r | - | |
| arista | 755x | - | |
| arista | 758x | - | |
| arista | 7804r3 | - | |
| arista | 7808r3 | - | |
| arista | 7812r3 | - | |
| arista | 7816r3 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "498704F8-24D4-48C9-A5CB-4A8F7054AA49",
"versionEndIncluding": "4.23.13m",
"versionStartIncluding": "4.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8923F137-B1BA-49FF-A100-AD357966EE4F",
"versionEndExcluding": "4.24.11m",
"versionStartIncluding": "4.24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D6EA8CE-BAA4-4B4D-8A9F-A65018FC6B3A",
"versionEndExcluding": "4.25.10m",
"versionStartIncluding": "4.25.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "659190E5-DFB0-4172-BD6F-1B9E22533CE5",
"versionEndExcluding": "4.26.9m",
"versionStartIncluding": "4.26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20966F67-1C70-458C-A4EF-02612345DE48",
"versionEndExcluding": "4.27.7m",
"versionStartIncluding": "4.27.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F57FAA3-518C-498C-9580-19A207C8F176",
"versionEndExcluding": "4.28.4m",
"versionStartIncluding": "4.28.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:704x3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7C0C33F-72A7-41CA-A666-1CEC9F0FE02F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7304x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65C6E0C9-7F81-4CE3-BD46-7939667E5969",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7304x3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78FE473B-CA6E-4E8D-8DBF-676B1ECBB185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7308x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7A8ABF1-ADF4-474D-B01B-8BB271E1263E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7316x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73ECE6D6-12E5-4396-9C19-3B2E08E13147",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7324x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8862F74-E399-41EE-A081-62D99A7C1755",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7328x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F16261D-639F-4CAB-BDA6-EF3F277E663C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7504r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1F369D-93BF-4259-99F5-97FBEF79BBA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7504r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8387CCEA-F00C-4F1F-B966-ACF8B16F1D22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7508r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F35978B6-889C-47DB-971B-B2A12FF537E0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7508r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55AE2A1C-A4FD-423B-A77E-2E24C2310A6A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7512r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2360E039-5F12-4210-8578-7EBDA4575A6E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7512r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B0D708-B426-4CA1-BE87-08BD14B7EACE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7516r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D45E5E5-7EB9-41E7-8EEE-570E6646EDDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:755x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "585E3617-2B1F-4E58-853A-0E9703B91B80",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:758x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13B1D90C-73CC-49A2-B202-B07D96226729",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7804r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A54F3D32-5A07-4791-90BF-96BD8A24C2F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F078B04-2DA0-4A4B-BB1A-408DC14CB61F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7812r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B99200-EC76-404E-9900-5D1DC3B9A758",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7816r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A172A49-1A0E-464B-BDDD-A8F52856D595",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a privilege escalation. Valid user credentials are required in order to exploit this vulnerability."
}
],
"id": "CVE-2023-24509",
"lastModified": "2024-11-21T07:48:00.993",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 6.0,
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-13T20:15:08.843",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/16985-security-advisory-0082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/16985-security-advisory-0082"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-29 17:15
Modified
2024-11-21 07:48
Severity ?
5.3 (Medium) - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arista | eos | * | |
| arista | eos | * | |
| arista | eos | * | |
| arista | eos | 4.25.0f | |
| arista | 7280cr3-32d4 | - | |
| arista | 7280cr3-32p4 | - | |
| arista | 7280cr3-36s | - | |
| arista | 7280cr3-96 | - | |
| arista | 7280cr3a-24d12 | - | |
| arista | 7280cr3a-48d6 | - | |
| arista | 7280cr3a-72 | - | |
| arista | 7280dr3-24 | - | |
| arista | 7280dr3a-36 | - | |
| arista | 7280dr3a-54 | - | |
| arista | 7280dr3ak-36 | - | |
| arista | 7280dr3ak-54 | - | |
| arista | 7280dr3am-36 | - | |
| arista | 7280dr3am-54 | - | |
| arista | 7280pr3-24 | - | |
| arista | 7280r3 | - | |
| arista | 7280sr3-40yc6 | - | |
| arista | 7280sr3-48yc8 | - | |
| arista | 7280tr3-40c6 | - | |
| arista | 7500r3-24d | - | |
| arista | 7500r3-24p | - | |
| arista | 7500r3-36cq | - | |
| arista | 7500r3k-36cq | - | |
| arista | 7500r3k-48y4d | - | |
| arista | 7504r3 | - | |
| arista | 7508r3 | - | |
| arista | 7512r3 | - | |
| arista | 7800r3-36d | - | |
| arista | 7800r3-36p | - | |
| arista | 7800r3-48cq | - | |
| arista | 7800r3a-36d | - | |
| arista | 7800r3a-36dm | - | |
| arista | 7800r3a-36p | - | |
| arista | 7800r3a-36pm | - | |
| arista | 7800r3ak-36dm | - | |
| arista | 7800r3ak-36pm | - | |
| arista | 7800r3k-36dm | - | |
| arista | 7800r3k-48cq | - | |
| arista | 7800r3k-48cqms | - | |
| arista | 7800r3k-72y7512r3 | - | |
| arista | 7808r3 | - | |
| arista | 7812r3 | - | |
| arista | 7816r3 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9F1F226-FDB1-4452-B166-D08635DAEC5B",
"versionEndIncluding": "4.22.13m",
"versionStartIncluding": "4.22.1f",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13BE6AE1-4649-4E0B-A4CA-2632CD400940",
"versionEndIncluding": "4.23.14m",
"versionStartIncluding": "4.23.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2909559A-6FB4-400C-A1AE-BF2B883F4964",
"versionEndIncluding": "4.24.11m",
"versionStartIncluding": "4.24.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:4.25.0f:*:*:*:*:*:*:*",
"matchCriteriaId": "37536357-7701-48BE-9751-9BADD8E4AAAF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FEC18B3-7980-4EBF-8E15-F8E92DADD062",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87E85F7C-F33B-49C1-A526-ACC1BEF3B65C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-36s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3B9CB1B-730E-45C9-A0B1-3C2F4A72A159",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E54F451-CA87-4F32-A088-AE18123CE07A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3a-24d12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43B967ED-2212-4558-A9AC-ACA94C94FD39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3a-48d6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7877C6-9DE4-4952-94D2-3A456D02CF1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3a-72:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FD635FB-5EA8-4B02-894C-4C016090AAB3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85D9E9FF-564E-4B16-8070-33A366F48FE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3a-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1F6DBC-212F-4E0B-B039-06955322B0D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3a-54:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC474A71-8D2F-4138-9D65-E2F86B0B62DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3ak-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1943057A-5776-4B20-97C7-03CE14AEA367",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3ak-54:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE86A14-76ED-4427-94CC-7BF335BB9369",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3am-36:-:*:*:*:*:*:*:*",
"matchCriteriaId": "986DCBF4-E4FB-41EE-BD1B-D62A4EC7237E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3am-54:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA04EA0-170A-4B79-96B8-8F09D6FFC261",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F14163D2-B236-4C78-9DB4-97DE6D996EBC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60FC964C-9835-443A-A584-3A5D6022E914",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3-40yc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B5A8D4-43BA-4591-BE00-00031D4BDBE3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8143579F-AD53-4D74-AE3E-4D465DCD7A57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280tr3-40c6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "939772F0-4352-46C1-B6D5-38FA12EBF6E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1BB565-2668-4242-8A00-5CC9C30B9AC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F1A605-8836-4A64-AC5E-ADAB34F8F104",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8A047A-9FD9-4AE1-9E47-457A46BAE3A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019B0670-389B-4A4E-8C72-52202E3AA8EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3k-48y4d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCDF5089-5914-4B4F-A2E6-0EB2B40698A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7504r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8387CCEA-F00C-4F1F-B966-ACF8B16F1D22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7508r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55AE2A1C-A4FD-423B-A77E-2E24C2310A6A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7512r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B0D708-B426-4CA1-BE87-08BD14B7EACE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-36d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E49B089-AE52-4B47-A3B4-547D10ACED9A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D19E86BF-AA91-4262-8EF9-B7FC48C6F3F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58443CDE-33D8-4460-A861-CDC07431AA22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3a-36d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26FDC60C-860F-40BD-AF13-54712B56C87F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3a-36dm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70658CB0-D114-40E5-866D-B21875FFF93C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3a-36p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BBA281-F67E-4D13-BDCD-E1164912EC8C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3a-36pm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B0C0EE-3C5E-4E3E-9BAE-9D5D06A98CAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3ak-36dm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABAC894C-D39E-4BB2-A968-E2F23C299A29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3ak-36pm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C6E3F9-0191-4BC5-A89C-58BF13C195B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3k-36dm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0B813A1-8BD1-4AFA-95A3-5947A918E9AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64BE8C68-FE98-4162-A3D3-54494D5444F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3k-48cqms:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9615121C-4EC0-44F5-8C00-E70271CC04A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3k-72y7512r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "185E4E68-D5EF-4B7B-B1EF-7EF1B00F118C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F078B04-2DA0-4A4B-BB1A-408DC14CB61F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7812r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B99200-EC76-404E-9900-5D1DC3B9A758",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7816r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A172A49-1A0E-464B-BDDD-A8F52856D595",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place.\n"
}
],
"id": "CVE-2023-24548",
"lastModified": "2024-11-21T07:48:06.157",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-29T17:15:11.790",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-12-28 19:15
Modified
2024-11-21 05:14
Severity ?
Summary
An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M and below releases in the 4.23.x train; 4.22.6M and below releases in the 4.22.x train.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arista | eos | * | |
| arista | eos | * | |
| arista | eos | * | |
| arista | 7280cr2ak-30 | - | |
| arista | 7280cr2k-60 | - | |
| arista | 7280cr3-32d4 | - | |
| arista | 7280cr3-32p4 | - | |
| arista | 7280cr3-96 | - | |
| arista | 7280cr3k-32d4 | - | |
| arista | 7280cr3k-32p4 | - | |
| arista | 7280cr3k-96 | - | |
| arista | 7280dr3-24 | - | |
| arista | 7280dr3k-24 | - | |
| arista | 7280pr3-24 | - | |
| arista | 7280pr3k-24 | - | |
| arista | 7280sr3-48yc8 | - | |
| arista | 7280sr3k-48yc8 | - | |
| arista | 7500r3-24d | - | |
| arista | 7500r3-24p | - | |
| arista | 7500r3-36cq | - | |
| arista | 7500r3k-36cq | - | |
| arista | 7504r3 | - | |
| arista | 7508r3 | - | |
| arista | 7512r3 | - | |
| arista | 7800r3-36p | - | |
| arista | 7800r3-48cq | - | |
| arista | 7800r3k-48cq | - | |
| arista | 7804r3 | - | |
| arista | 7808r3 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "188A9EBD-1DD4-4111-A66D-67C0A0035662",
"versionEndIncluding": "4.22.6m",
"versionStartIncluding": "4.22.0f",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F80FCF7B-38CD-43B5-82EE-139A0D249D70",
"versionEndIncluding": "4.23.4m",
"versionStartIncluding": "4.23.0f",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AA43823-81E3-461A-8DC0-0D74D075A0FD",
"versionEndIncluding": "4.24.2.4f",
"versionStartIncluding": "4.24.0f",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arista:7280cr2ak-30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99506386-8D68-46F4-AEA9-4C16C16545B9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr2k-60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F569286-C19F-48CB-AB24-89C4A1EB6F81",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FEC18B3-7980-4EBF-8E15-F8E92DADD062",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87E85F7C-F33B-49C1-A526-ACC1BEF3B65C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E54F451-CA87-4F32-A088-AE18123CE07A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3k-32d4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16CB1780-6DEC-4140-A771-9139C77A8A88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3k-32p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11DE9CB6-4453-4EED-B7FC-6374F9225B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280cr3k-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A98C94CB-7DFC-4CAC-9D98-B3E80BF1EE56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85D9E9FF-564E-4B16-8070-33A366F48FE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280dr3k-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56AF4A54-7568-4FE0-BE5F-02BD9FADDCE5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F14163D2-B236-4C78-9DB4-97DE6D996EBC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280pr3k-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4057906A-B27B-4B53-97F6-3F5F35794990",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8143579F-AD53-4D74-AE3E-4D465DCD7A57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79AB0F1D-ACCA-490C-96F2-FC23A8611CB8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1BB565-2668-4242-8A00-5CC9C30B9AC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F1A605-8836-4A64-AC5E-ADAB34F8F104",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8A047A-9FD9-4AE1-9E47-457A46BAE3A4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019B0670-389B-4A4E-8C72-52202E3AA8EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7504r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8387CCEA-F00C-4F1F-B966-ACF8B16F1D22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7508r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55AE2A1C-A4FD-423B-A77E-2E24C2310A6A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7512r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B0D708-B426-4CA1-BE87-08BD14B7EACE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D19E86BF-AA91-4262-8EF9-B7FC48C6F3F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58443CDE-33D8-4460-A861-CDC07431AA22",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64BE8C68-FE98-4162-A3D3-54494D5444F5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7804r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A54F3D32-5A07-4791-90BF-96BD8A24C2F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F078B04-2DA0-4A4B-BB1A-408DC14CB61F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue with ARP packets in Arista\u2019s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M and below releases in the 4.23.x train; 4.22.6M and below releases in the 4.22.x train."
},
{
"lang": "es",
"value": "Un problema con los paquetes ARP en el EOS de Arista afectando a la serie de productos 7800R3, 7500R3 y 7280R3, puede resultar en un problema que causa un bloqueo del kernel, seguido de una recarga del dispositivo.\u0026#xa0;Las versiones de Arista EOS afectadas son: 4.24.2.4F y versiones por debajo en el tren 4.24.x;\u0026#xa0;4.23.4M y versiones por debajo en el tren 4.23.x;\u0026#xa0;4.22.6M y versiones por debajo en el tren 4.22.x"
}
],
"id": "CVE-2020-24360",
"lastModified": "2024-11-21T05:14:39.737",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-28T19:15:12.847",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/11999-security-advisory-59"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/11999-security-advisory-59"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2020-24360
Vulnerability from cvelistv5
Published
2020-12-28 18:08
Modified
2024-08-04 15:12
Severity ?
EPSS score ?
Summary
An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M and below releases in the 4.23.x train; 4.22.6M and below releases in the 4.22.x train.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.arista.com/en/support/advisories-notices/security-advisories/11999-security-advisory-59 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.717Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/11999-security-advisory-59"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue with ARP packets in Arista\u2019s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M and below releases in the 4.23.x train; 4.22.6M and below releases in the 4.22.x train."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-28T18:08:57",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/11999-security-advisory-59"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-24360",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue with ARP packets in Arista\u2019s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M and below releases in the 4.23.x train; 4.22.6M and below releases in the 4.22.x train."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/11999-security-advisory-59",
"refsource": "CONFIRM",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/11999-security-advisory-59"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-24360",
"datePublished": "2020-12-28T18:08:57",
"dateReserved": "2020-08-15T00:00:00",
"dateUpdated": "2024-08-04T15:12:08.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-24548
Vulnerability from cvelistv5
Published
2023-08-29 16:13
Modified
2024-09-30 17:46
Severity ?
EPSS score ?
Summary
On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Arista Networks | EOS |
Version: 4.25.0F < Version: 4.24.0 < Version: 4.23.0 < Version: 4.22.1F < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24548",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T17:34:44.954023Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T17:46:19.199Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EOS",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "=4.25.0F",
"status": "affected",
"version": "4.25.0F",
"versionType": "custom"
},
{
"lessThanOrEqual": "\u003c=4.24.11M",
"status": "affected",
"version": "4.24.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "\u003c=4.23.14M",
"status": "affected",
"version": "4.23.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "\u003c=4.22.13M",
"status": "affected",
"version": "4.22.1F",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cb\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eIn order to be vulnerable to CVE-2023-24548, the following three conditions must be met:\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eIP routing should be enabled:\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eSwitch\u0026gt; show running-config section ip routing\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eip routing\u003c/span\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eAND\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eVXLAN should be configured - a sample configuration is found below:\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e# Loopback interface configuration\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eswitch\u0026gt; show running-config section loopback\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003einterface Loopback0\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp; \u0026nbsp;ip address 10.0.0.1/32\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e# VXLAN VTEP configuration\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eswitch\u0026gt; show running-config section vxlan\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003einterface Vxlan1\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp; \u0026nbsp;vxlan source-interface Loopback0\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp; \u0026nbsp;vxlan udp-port 4789\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp; \u0026nbsp;vxlan flood vtep 10.0.0.2\u003c/span\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eAND\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eVXLAN extended VLAN or VNI must be routable - two examples are shown below:\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e# Overlay interface\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eswitch\u0026gt; show running-config section vlan\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003evlan 100\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003einterface Ethernet1/1\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp; \u0026nbsp;switchport access vlan 100\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003einterface Vlan100\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp; \u0026nbsp;ip address 1.0.0.1/24\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eInterface Vxlan1\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp; vxlan vlan 100 vni 100000\u003c/span\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cbr\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eswitch\u0026gt; show running-config section red\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003evrf instance red\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eip routing vrf red\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003einterface Vxlan1\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp; \u0026nbsp;vxlan vrf red vni 200000\u003c/span\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cbr\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eWhether such a configuration exists can be checked as follows:\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eswitch\u0026gt; show vxlan vni\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eVNI to VLAN Mapping for Vxlan1\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eVNI \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; VLAN \u0026nbsp; \u0026nbsp; \u0026nbsp; Source \u0026nbsp; \u0026nbsp; \u0026nbsp; Interface \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 802.1Q Tag\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e------------ ---------- ------------ ----------------- ----------\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003e100000\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003e100\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; static \u0026nbsp; \u0026nbsp; \u0026nbsp; Ethernet1/1 \u0026nbsp; \u0026nbsp; \u0026nbsp; untagged\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;Vxlan1 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 100\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eVNI to dynamic VLAN Mapping for Vxlan1\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eVNI \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; VLAN \u0026nbsp; \u0026nbsp; \u0026nbsp; VRF \u0026nbsp; \u0026nbsp; \u0026nbsp; Source\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e------------ ---------- --------- ------------\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003e200000\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003e1006\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e \u0026nbsp; \u0026nbsp; \u0026nbsp; red \u0026nbsp; \u0026nbsp; \u0026nbsp; evpn\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eswitch\u0026gt; show vlan\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eVLAN Name \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Status \u0026nbsp; Ports\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e----- -------------------------------- --------- -------------------------------\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003e100\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e \u0026nbsp; VLAN0100 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; active \u0026nbsp; Cpu, \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eVx1\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003e1006\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e* VLAN1006 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; active \u0026nbsp; Cpu, \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eVx1\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eswitch\u0026gt; show ip interface brief\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;Address\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eInterface \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; IP Address \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Status \u0026nbsp; \u0026nbsp; \u0026nbsp; Protocol \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; MTU \u0026nbsp; Owner\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e----------------- --------------------- ------------ -------------- ----------- -------\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eVlan100\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 1.0.0.1/24 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eup\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; up \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 1500\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eVlan1006\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; unassigned \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eup\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; up \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 10168\u003c/span\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eFrom the above outputs, it can be seen that IP routing is enabled, VXLAN is configured, and VNIs 100000 (mapped to VLAN 100) and 200000 (mapped to VRF red) are routable.\u003c/span\u003e\u003c/p\u003e\u003c/b\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "In order to be vulnerable to CVE-2023-24548, the following three conditions must be met:\n\n\nIP routing should be enabled:\n\n\nSwitch\u003e show running-config section ip routing\n\nip routing\n\n\n\n\nAND\n\n\nVXLAN should be configured - a sample configuration is found below:\n\n\n# Loopback interface configuration\n\nswitch\u003e show running-config section loopback\n\ninterface Loopback0\n\n\u00a0 \u00a0ip address 10.0.0.1/32\n\n\n# VXLAN VTEP configuration\n\nswitch\u003e show running-config section vxlan\n\ninterface Vxlan1\n\n\u00a0 \u00a0vxlan source-interface Loopback0\n\n\u00a0 \u00a0vxlan udp-port 4789\n\n\u00a0 \u00a0vxlan flood vtep 10.0.0.2\n\n\n\n\nAND\n\n\nVXLAN extended VLAN or VNI must be routable - two examples are shown below:\u00a0\n\n\n# Overlay interface\n\nswitch\u003e show running-config section vlan\n\nvlan 100\n\ninterface Ethernet1/1\n\n\u00a0 \u00a0switchport access vlan 100\n\ninterface Vlan100\n\n\u00a0 \u00a0ip address 1.0.0.1/24\n\n\nInterface Vxlan1\n\n\u00a0 vxlan vlan 100 vni 100000\n\n\n\n\nswitch\u003e show running-config section red\n\nvrf instance red\n\nip routing vrf red\n\n\ninterface Vxlan1\n\n\u00a0 \u00a0vxlan vrf red vni 200000\n\n\n\n\n\nWhether such a configuration exists can be checked as follows:\n\n\nswitch\u003e show vxlan vni\n\nVNI to VLAN Mapping for Vxlan1\n\nVNI \u00a0 \u00a0 \u00a0 \u00a0 VLAN \u00a0 \u00a0 \u00a0 Source \u00a0 \u00a0 \u00a0 Interface \u00a0 \u00a0 \u00a0 \u00a0 802.1Q Tag\n\n------------ ---------- ------------ ----------------- ----------\n\n100000 \u00a0 \u00a0 \u00a0 100\u00a0 \u00a0 \u00a0 \u00a0 static \u00a0 \u00a0 \u00a0 Ethernet1/1 \u00a0 \u00a0 \u00a0 untagged\n\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0Vxlan1 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 100\n\n\nVNI to dynamic VLAN Mapping for Vxlan1\n\nVNI \u00a0 \u00a0 \u00a0 \u00a0 VLAN \u00a0 \u00a0 \u00a0 VRF \u00a0 \u00a0 \u00a0 Source\n\n------------ ---------- --------- ------------\n\n200000 \u00a0 \u00a0 \u00a0 1006 \u00a0 \u00a0 \u00a0 red \u00a0 \u00a0 \u00a0 evpn\n\n\n\nswitch\u003e show vlan\n\nVLAN Name \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Status \u00a0 Ports\n\n----- -------------------------------- --------- -------------------------------\n\n100 \u00a0 VLAN0100 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 active \u00a0 Cpu, Vx1\n\n1006* VLAN1006 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 active \u00a0 Cpu, Vx1\n\n\n\nswitch\u003e show ip interface brief\n\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0Address\n\nInterface \u00a0 \u00a0 \u00a0 \u00a0 IP Address \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Status \u00a0 \u00a0 \u00a0 Protocol \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 MTU \u00a0 Owner\n\n----------------- --------------------- ------------ -------------- ----------- -------\n\nVlan100 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 1.0.0.1/24 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 up \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 up \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 1500\n\nVlan1006\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 unassigned \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 up \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 up \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 10168\n\n\n\n\nFrom the above outputs, it can be seen that IP routing is enabled, VXLAN is configured, and VNIs 100000 (mapped to VLAN 100) and 200000 (mapped to VRF red) are routable.\n\n\n\n"
}
],
"datePublic": "2023-08-23T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cb\u003e\u003cspan style=\"background-color: transparent;\"\u003eOn\u003c/span\u003e \u003cspan style=\"background-color: transparent;\"\u003eaffected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place.\u003c/span\u003e\u003c/b\u003e\u003cbr\u003e"
}
],
"value": "On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-583",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-583 Disabling Network Hardware"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-29T16:13:10.451Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cb\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\"\u003e\u003cspan style=\"background-color: transparent;\"\u003eEOS User Manual: Upgrades and Downgrades\u003c/span\u003e\u003c/a\u003e\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eCVE-2023-24548 has been fixed in the following releases:\u003c/span\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e4.30.0F and later releases in the 4.30.x train\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e4.29.0F and later releases in the 4.29.x train\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e4.28.0F and later releases in the 4.28.x train\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e4.27.0F and later releases in the 4.27.x train\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e4.26.0F and later releases in the 4.26.x train\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e4.25.1F and later releases in the 4.25.x train\u003c/span\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cspan style=\"background-color: transparent;\"\u003eNo remediation is planned for EOS software versions that are beyond their \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/en/support/product-documentation/eos-life-cycle-policy\"\u003e\u003cspan style=\"background-color: transparent;\"\u003estandard EOS support lifecycle\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"background-color: transparent;\"\u003e (i.e. 4.22, 4.23).\u003c/span\u003e\u003c/b\u003e\u003cbr\u003e"
}
],
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \n\n\nCVE-2023-24548 has been fixed in the following releases:\n\n * 4.30.0F and later releases in the 4.30.x train\n\n\n * 4.29.0F and later releases in the 4.29.x train\n\n\n * 4.28.0F and later releases in the 4.28.x train\n\n\n * 4.27.0F and later releases in the 4.27.x train\n\n\n * 4.26.0F and later releases in the 4.26.x train\n\n\n * 4.25.1F and later releases in the 4.25.x train\n\n\n\n\nNo remediation is planned for EOS software versions that are beyond their standard EOS support lifecycle https://www.arista.com/en/support/product-documentation/eos-life-cycle-policy (i.e. 4.22, 4.23).\n"
}
],
"source": {
"advisory": "Security Advisory 89",
"defect": [
"828687"
],
"discovery": "INTERNAL"
},
"title": "On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cb\u003e\u003cspan style=\"background-color: transparent;\"\u003eThere is no known mitigation for the issue. The recommended resolution is to upgrade to a remediated software version at your earliest convenience.\u003c/span\u003e\u003c/b\u003e\u003cbr\u003e"
}
],
"value": "There is no known mitigation for the issue. The recommended resolution is to upgrade to a remediated software version at your earliest convenience.\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2023-24548",
"datePublished": "2023-08-29T16:13:10.451Z",
"dateReserved": "2023-01-26T11:37:43.827Z",
"dateUpdated": "2024-09-30T17:46:19.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-3646
Vulnerability from cvelistv5
Published
2023-08-29 16:31
Modified
2024-09-30 17:44
Severity ?
EPSS score ?
Summary
On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Arista Networks | EOS |
Version: 4.28.2F < Version: 4.29.0 < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:57.478Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/18042-security-advisory-0088"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3646",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T17:34:25.757684Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T17:44:07.777Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EOS",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "4.28.5.1M ",
"status": "affected",
"version": "4.28.2F",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.29.1F",
"status": "affected",
"version": "4.29.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cb\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eMirroring to multiple destinations must be configured:\u003c/span\u003e\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eswitch(config)#show monitor session\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eSession s1\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e------------------------\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eSources:\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eBoth Interfaces: \u0026nbsp; \u0026nbsp; \u0026nbsp; Et1/1\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eDestination Ports:\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003e\u0026nbsp; \u0026nbsp; Et9/1 : active\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003e\u0026nbsp; \u0026nbsp; Et10/1 : active\u003c/span\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eIn the above example two destinations, Et9/1 and Et10/1, are configured.\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eMirroring config must be added with mirror destination being ethernet port, example:\u003c/span\u003e\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eswitch # show running-config | section monitor\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003emonitor session APCON destination Ethernet54/1\u003c/span\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eIn the above example the argument after destination is an Ethernet port.\u003c/span\u003e\u003c/p\u003e\u003c/b\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Mirroring to multiple destinations must be configured:\n\nswitch(config)#show monitor session\n\n\nSession s1\n\n------------------------\n\n\nSources:\n\n\nBoth Interfaces: \u00a0 \u00a0 \u00a0 Et1/1\n\n\nDestination Ports:\n\n\n\u00a0 \u00a0 Et9/1 : active\n\n\u00a0 \u00a0 Et10/1 : active\n\n\n\nIn the above example two destinations, Et9/1 and Et10/1, are configured.\n\n\nMirroring config must be added with mirror destination being ethernet port, example:\n\nswitch # show running-config | section monitor\n\nmonitor session APCON destination Ethernet54/1\n\n\n\nIn the above example the argument after destination is an Ethernet port.\n\n\n\n"
}
],
"datePublic": "2023-08-23T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eOn affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-603",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-603 Blockage"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-29T16:31:57.668Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/18042-security-advisory-0088"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below.\u003cbr\u003eFor more information about upgrading see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\"\u003eEOS User Manual: Upgrades and Downgrades\u003c/a\u003e\u003c/p\u003e\u003cp\u003eCVE-2023-3646 has been fixed in the following releases:\u003c/p\u003e\u003cul\u003e\u003cli\u003e4.28.6M and later releases in the 4.28.x train\u003c/li\u003e\u003cli\u003e4.29.2F and later releases in the 4.29.x train\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below.\nFor more information about upgrading see EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \n\nCVE-2023-3646 has been fixed in the following releases:\n\n * 4.28.6M and later releases in the 4.28.x train\n * 4.29.2F and later releases in the 4.29.x train\n\n\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch3\u003eHotfix\u003c/h3\u003e\u003cp\u003eThe following hotfix can be applied to remediate CVE-2023-3646. The hotfix only applies to the releases listed below and no other releases. All other versions require upgrading to a release containing the fix (as listed above):\u003c/p\u003e\u003cul\u003e\u003cli\u003e4.28.2F through 4.28.5.1M releases in the 4.28.x train\u003c/li\u003e\u003cli\u003e4.29.1F and earlier releases in the 4.29.X train\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eNote: Installing/uninstalling the Hotfix will result in a restart of the SandFapNi agent and an associated reprogramming of the switch chip. This process could result in outages from 5-20 minutes, depending on the number of active ports in the particular system.\u003c/p\u003e\u003cp\u003eTo determine which hotfix to use, run \u201c\u003cb\u003eshow version\u003c/b\u003e\u201d from the CLI and refer to the \u201cArchitecture\u201d Field.\u003c/p\u003e\u003cdiv\u003eVersion: 1.0\u003cbr\u003eURL: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/support/advisories-notices/sa-download/?sa=88-SecurityAdvisory88_CVE-2023-3646_Hotfix_i686.swix\"\u003eSecurityAdvisory88_CVE-2023-3646_Hotfix_i686.swix\u003c/a\u003e\u003cpre\u003eSWIX hash:(SHA-512)\n9c01d1bc1d657879e1a1b657a8c0dab090d589efc3f2c64e9cac1ae0356fce14496809893bffb0892b1505f8b4ee25cad0064bd7315ba6737dc5fdb200539f1a\n\u003c/pre\u003e\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eURL: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/support/advisories-notices/sa-download/?sa=88-SecurityAdvisory88_CVE-2023-3646_Hotfix_x86_64.swix\"\u003eSecurityAdvisory88_CVE-2023-3646_Hotfix_x86_64.swix\u003c/a\u003e\u003cpre\u003eSWIX hash:(SHA512)\n98e98c2c34f81df4da3e4068ac9a81191f4c6ef1acab884972d092c79a7495e00d9a25c8713620d3e25b4699f777810a627634eb8078dcbbb19317ed27a9b0d5 \n\u003c/pre\u003e\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eFor instructions on installation and verification of the hotfix patch, refer to the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/en/um-eos/eos-managing-eos-extensions?searchword=eos%20section%206%206%20managing%20eos%20extensions\"\u003e\u201cmanaging eos extensions\u201d\u003c/a\u003e\u0026nbsp;section in the EOS User Manual. Ensure that the patch is made persistent across reboots by running the command \u2018copy installed-extensions boot-extensions\u2019.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "HotfixThe following hotfix can be applied to remediate CVE-2023-3646. The hotfix only applies to the releases listed below and no other releases. All other versions require upgrading to a release containing the fix (as listed above):\n\n * 4.28.2F through 4.28.5.1M releases in the 4.28.x train\n * 4.29.1F and earlier releases in the 4.29.X train\n\n\nNote: Installing/uninstalling the Hotfix will result in a restart of the SandFapNi agent and an associated reprogramming of the switch chip. This process could result in outages from 5-20 minutes, depending on the number of active ports in the particular system.\n\nTo determine which hotfix to use, run \u201cshow version\u201d from the CLI and refer to the \u201cArchitecture\u201d Field.\n\nVersion: 1.0\nURL: SecurityAdvisory88_CVE-2023-3646_Hotfix_i686.swix https://www.arista.com/support/advisories-notices/sa-download/ SWIX hash:(SHA-512)\n9c01d1bc1d657879e1a1b657a8c0dab090d589efc3f2c64e9cac1ae0356fce14496809893bffb0892b1505f8b4ee25cad0064bd7315ba6737dc5fdb200539f1a\n\n\n\n\n\u00a0\n\nURL: SecurityAdvisory88_CVE-2023-3646_Hotfix_x86_64.swix https://www.arista.com/support/advisories-notices/sa-download/ SWIX hash:(SHA512)\n98e98c2c34f81df4da3e4068ac9a81191f4c6ef1acab884972d092c79a7495e00d9a25c8713620d3e25b4699f777810a627634eb8078dcbbb19317ed27a9b0d5 \n\n\n\n\n\u00a0\n\nFor instructions on installation and verification of the hotfix patch, refer to the \u201cmanaging eos extensions\u201d https://www.arista.com/en/um-eos/eos-managing-eos-extensions \u00a0section in the EOS User Manual. Ensure that the patch is made persistent across reboots by running the command \u2018copy installed-extensions boot-extensions\u2019.\n\n\n"
}
],
"source": {
"advisory": "88",
"defect": [
"BUG829136",
"BUG765111"
],
"discovery": "INTERNAL"
},
"title": "On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cb\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eThe suggestion to prevent this issue is to remove any mirroring config\u003c/span\u003e\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003e#show monitor session\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eNo sessions created\u003c/span\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eThis example confirms that the system does not have any mirroring config present which will prevent this issue from occurring.\u003c/span\u003e\u003c/p\u003e\u003c/b\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "The suggestion to prevent this issue is to remove any mirroring config\n\n#show monitor session\n\nNo sessions created\n\n\n\nThis example confirms that the system does not have any mirroring config present which will prevent this issue from occurring.\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2023-3646",
"datePublished": "2023-08-29T16:31:57.668Z",
"dateReserved": "2023-07-12T17:53:27.986Z",
"dateUpdated": "2024-09-30T17:44:07.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-24509
Vulnerability from cvelistv5
Published
2023-04-13 00:00
Modified
2024-08-02 10:56
Severity ?
EPSS score ?
Summary
On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a privilege escalation. Valid user credentials are required in order to exploit this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Arista Networks | Arista EOS |
Version: 4.23.0 4.23.13M Version: 4.28.0 < Version: 4.27.0 < Version: 4.286.0 < Version: 4.25.0 < Version: 4.24.0 < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:04.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/16985-security-advisory-0082"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Arista EOS",
"vendor": "Arista Networks",
"versions": [
{
"status": "affected",
"version": "4.23.0 4.23.13M"
},
{
"lessThanOrEqual": "4.28.3M",
"status": "affected",
"version": "4.28.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.27.6M",
"status": "affected",
"version": "4.27.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.26.8M",
"status": "affected",
"version": "4.286.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.25.9M",
"status": "affected",
"version": "4.25.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.24.10M",
"status": "affected",
"version": "4.24.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "In order to be vulnerable to CVE-2023-24509, the following conditions must be met:\n\nTwo supervisor modules must both be inserted and active. To determine the status of the supervisor modules,\n\nswitch#show module \nModule Ports Card Type Model Serial No.\n------- ----- ------------------------ ---------------- -----------\n1 3 DCS-7500-SUP2 Supervisor DCS-7500-SUP2 SSJ17133450\n2 2 Standby supervisor DCS-7500-SUP2 SSJ17133441\n \nModule Status Uptime Power off reason\n------- ------- ------- ----------------\n1 Active 0:24:58 N/A\n2 Standby 0:24:58 N/A\nSupervisor redundancy protocol must be configured with RPR(Route Processor Redundancy) or SSO (Stateful Switchover) on the switch. To determine the state and the current redundancy protocol of both supervisors on the switch,\n\nswitch#show redundancy status\n my state = ACTIVE\npeer state = STANDBY WARM\n Unit = Primary\n Unit ID = 1\n \nRedundancy Protocol (Operational) = Route Processor Redundancy\nRedundancy Protocol (Configured) = Route Processor Redundancy\nCommunications = Up\nReady for switchover\n \n Last switchover time = 7:23:56 ago\nLast switchover reason = Supervisor has control of the active supervisor lock"
}
],
"credits": [
{
"lang": "en",
"value": "Arista would like to acknowledge and thank Marc-Andr\u00e9 Labont\u00e9, Senior Information Security Analyst at Desjardins for responsibly reporting CVE-2023-24509."
}
],
"datePublic": "2023-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a privilege escalation. Valid user credentials are required in order to exploit this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-13T00:00:00",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/16985-security-advisory-0082"
}
],
"solutions": [
{
"lang": "en",
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below.\n\nCVE-2023-24509 has been fixed in the following releases:\n\n4.28.4M and later releases in the 4.28.x train\n4.27.7M and later releases in the 4.27.x train\n4.26.9M and later releases in the 4.26.x train\n4.25.10M and later releases in the 4.25.x train\n4.24.11M and later releases in the 4.24.x train"
},
{
"lang": "en",
"value": "The following hotfix can be applied to remediate CVE-2023-24509. The hotfix only applies to the releases listed below and no other releases. All other versions require upgrading to a release containing the fix (as listed above).: \n\n4.28.3M and below releases in the 4.28.x train\n4.27.6M and below releases in the 4.27.x train\n4.26.8M and below releases in the 4.26.x train\n4.25.9M and below releases in the 4.25.x train\n4.24.10M\n4.23.13M\nNote: Installing/uninstalling the SWIX will cause ConfigAgent to restart and disconnect existing CLI sessions.\n\nVersion: 1.0\n\nURL: SecurityAdvisory82_CVE-2023-24509_Hotfix.swix\n\nSWIX hash:\n\n(SHA-512)7833ab99e11cfea1ec28c09aedffd062cfc865a20a843ee6184caff1081e748c8a02590644d0c7b0e377027379cbaadc8b1a70d1c37097bf98c1bedb429dca56"
}
],
"source": {
"advisory": "82",
"defect": [
"723401"
],
"discovery": "EXTERNAL"
},
"title": "On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading t ...",
"workarounds": [
{
"lang": "en",
"value": "The workaround is to disable \u201cssh\u201d CLI command in unprivileged mode on the SSH client devices by using command authorization. This can be done with Role-Based Access Control (RBAC).\n\nIf the \u201cssh\u201d CLI command is currently used to connect to a remote host, the destination address can be added to an allowlist with RBAC."
}
],
"x_ConverterErrors": {
"TITLE": {
"error": "TITLE too long. Truncating in v5 record.",
"message": "Truncated!"
}
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2023-24509",
"datePublished": "2023-04-13T00:00:00",
"dateReserved": "2023-01-24T00:00:00",
"dateUpdated": "2024-08-02T10:56:04.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-28510
Vulnerability from cvelistv5
Published
2023-01-24 00:00
Modified
2024-08-03 21:47
Severity ?
EPSS score ?
Summary
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Arista Networks | EOS |
Version: 4.22 Version: 4.27.1 < Version: 4.26.4 < Version: 4.25.6 < Version: 4.24.8 < Version: 4.23.10 < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:47:32.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EOS",
"vendor": "Arista Networks",
"versions": [
{
"status": "affected",
"version": "4.22"
},
{
"lessThanOrEqual": "4.27.0",
"status": "affected",
"version": "4.27.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.26.0",
"status": "affected",
"version": "4.26.4",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.25.0",
"status": "affected",
"version": "4.25.6",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.24.0",
"status": "affected",
"version": "4.24.8",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.23.0",
"status": "affected",
"version": "4.23.10",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-24T00:00:00",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/15439-security-advisory-0076"
}
],
"solutions": [
{
"lang": "en",
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Artista recommends customers move to the latest version of each release that contains all the fixes listed below.\n\nCVE-2021-28510 has been fixed in the following releases:\n4.27.2 and later releases in the 4.27.x train\n4.26.5 and later releases in the 4.26.x train\n4.25.7 and later releases in the 4.25.x train\n4.24.9 and later releases in the 4.24.x train\n4.23.11 and later releases in the 4.23.x train\n"
},
{
"lang": "en",
"value": "Hotfix\n\nThe following hotfix can be applied to remediate CVE-2021-28510\nNote: Installing/uninstalling the SWIX will cause the PTP agent to restart.\n\nVersion: 1.0\nURL:SecurityAdvisory76_CVE-2021-28510_Hotfix.swix\n\nSWIX hash: (SHA-512)2b78b8274b7c73083775b0327e13819c655db07e22b80038bb3843002c679a798b53a4638c549a86183e01a835377bf262d27e60020a39516a5d215e2fadb437 "
}
],
"source": {
"advisory": "76",
"defect": [
"BUG",
"638107"
],
"discovery": "INTERNAL"
},
"title": "For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.",
"workarounds": [
{
"lang": "en",
"value": "Install ACL rules to drop PTP packets from untrusted sources. Best practice is to block access to untrusted (non-management) networks."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2021-28510",
"datePublished": "2023-01-24T00:00:00",
"dateReserved": "2021-03-16T00:00:00",
"dateUpdated": "2024-08-03T21:47:32.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}