CVE-2023-24548 (GCVE-0-2023-24548)
Vulnerability from cvelistv5
Published
2023-08-29 16:13
Modified
2024-09-30 17:46
Severity
VLAI Severity
High (confidence: 0.9557)
EPSS score
0.05%
(0.17061)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place.
References
URL | Tags |
---|---|
https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089 | |
Impacted products
Vendor | Product | Version |
---|---|---|
Arista Networks | EOS | 4.25.0F; 4.24.0 through 4.24.11M; 4.23.0 through 4.23.14M; 4.22.1F through 4.22.13M |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T11:03:18.834Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-24548", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-30T17:34:44.954023Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-30T17:46:19.199Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "EOS", vendor: "Arista Networks", versions: [ { lessThanOrEqual: "=4.25.0F", status: "affected", version: "4.25.0F", versionType: "custom", }, { lessThanOrEqual: "<=4.24.11M", status: "affected", version: "4.24.0", versionType: "custom", }, { lessThanOrEqual: "<=4.23.14M", status: "affected", version: "4.23.0", versionType: "custom", }, { lessThanOrEqual: "<=4.22.13M", status: "affected", version: "4.22.1F", versionType: "custom", }, ], }, ], configurations: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<b><p><span style=\"background-color: transparent;\">In order to be vulnerable to CVE-2023-24548, the following three conditions must be met:</span></p><br><p><span style=\"background-color: transparent;\">IP routing should be enabled:</span></p><br><div><table><tbody><tr><td><p><span style=\"background-color: transparent;\">Switch> show running-config section ip routing</span></p><p><span style=\"background-color: transparent;\">ip routing</span></p></td></tr></tbody></table></div><br><p><span style=\"background-color: transparent;\">AND</span></p><br><p><span style=\"background-color: 
transparent;\">VXLAN should be configured - a sample configuration is found below:</span></p><br><div><table><tbody><tr><td><p><span style=\"background-color: transparent;\"># Loopback interface configuration</span></p><p><span style=\"background-color: transparent;\">switch> show running-config section loopback</span></p><p><span style=\"background-color: transparent;\">interface Loopback0</span></p><p><span style=\"background-color: transparent;\"> ip address 10.0.0.1/32</span></p><br><p><span style=\"background-color: transparent;\"># VXLAN VTEP configuration</span></p><p><span style=\"background-color: transparent;\">switch> show running-config section vxlan</span></p><p><span style=\"background-color: transparent;\">interface Vxlan1</span></p><p><span style=\"background-color: transparent;\"> vxlan source-interface Loopback0</span></p><p><span style=\"background-color: transparent;\"> vxlan udp-port 4789</span></p><p><span style=\"background-color: transparent;\"> vxlan flood vtep 10.0.0.2</span></p></td></tr></tbody></table></div><br><p><span style=\"background-color: transparent;\">AND</span></p><br><p><span style=\"background-color: transparent;\">VXLAN extended VLAN or VNI must be routable - two examples are shown below:</span><span style=\"background-color: transparent;\"> </span></p><br><div><table><tbody><tr><td><p><span style=\"background-color: transparent;\"># Overlay interface</span></p><p><span style=\"background-color: transparent;\">switch> show running-config section vlan</span></p><p><span style=\"background-color: transparent;\">vlan 100</span></p><p><span style=\"background-color: transparent;\">interface Ethernet1/1</span></p><p><span style=\"background-color: transparent;\"> switchport access vlan 100</span></p><p><span style=\"background-color: transparent;\">interface Vlan100</span></p><p><span style=\"background-color: transparent;\"> ip address 1.0.0.1/24</span></p><br><p><span style=\"background-color: transparent;\">Interface 
Vxlan1</span></p><p><span style=\"background-color: transparent;\"> vxlan vlan 100 vni 100000</span></p></td></tr></tbody></table></div><br><div><table><tbody><tr><td><p><span style=\"background-color: transparent;\">switch> show running-config section red</span></p><p><span style=\"background-color: transparent;\">vrf instance red</span></p><p><span style=\"background-color: transparent;\">ip routing vrf red</span></p><br><p><span style=\"background-color: transparent;\">interface Vxlan1</span></p><p><span style=\"background-color: transparent;\"> vxlan vrf red vni 200000</span></p></td></tr></tbody></table></div><br><br><p><span style=\"background-color: transparent;\">Whether such a configuration exists can be checked as follows:</span></p><br><div><table><tbody><tr><td><p><span style=\"background-color: transparent;\">switch> show vxlan vni</span></p><p><span style=\"background-color: transparent;\">VNI to VLAN Mapping for Vxlan1</span></p><p><span style=\"background-color: transparent;\">VNI VLAN Source Interface 802.1Q Tag</span></p><p><span style=\"background-color: transparent;\">------------ ---------- ------------ ----------------- ----------</span></p><p><span style=\"background-color: rgb(255, 255, 0);\">100000</span><span style=\"background-color: transparent;\"> </span><span style=\"background-color: rgb(255, 255, 0);\">100</span><span style=\"background-color: transparent;\"> static Ethernet1/1 untagged</span></p><p><span style=\"background-color: transparent;\"> Vxlan1 100</span></p><br><p><span style=\"background-color: transparent;\">VNI to dynamic VLAN Mapping for Vxlan1</span></p><p><span style=\"background-color: transparent;\">VNI VLAN VRF Source</span></p><p><span style=\"background-color: transparent;\">------------ ---------- --------- ------------</span></p><p><span style=\"background-color: rgb(255, 255, 0);\">200000</span><span style=\"background-color: transparent;\"> </span><span style=\"background-color: rgb(255, 255, 
0);\">1006</span><span style=\"background-color: transparent;\"> red evpn</span></p><br><br><p><span style=\"background-color: transparent;\">switch> show vlan</span></p><p><span style=\"background-color: transparent;\">VLAN Name Status Ports</span></p><p><span style=\"background-color: transparent;\">----- -------------------------------- --------- -------------------------------</span></p><p><span style=\"background-color: rgb(255, 255, 0);\">100</span><span style=\"background-color: transparent;\"> VLAN0100 active Cpu, </span><span style=\"background-color: rgb(255, 255, 0);\">Vx1</span></p><p><span style=\"background-color: rgb(255, 255, 0);\">1006</span><span style=\"background-color: transparent;\">* VLAN1006 active Cpu, </span><span style=\"background-color: rgb(255, 255, 0);\">Vx1</span></p><br><br><p><span style=\"background-color: transparent;\">switch> show ip interface brief</span></p><p><span style=\"background-color: transparent;\"> Address</span></p><p><span style=\"background-color: transparent;\">Interface IP Address Status Protocol MTU Owner</span></p><p><span style=\"background-color: transparent;\">----------------- --------------------- ------------ -------------- ----------- -------</span></p><p><span style=\"background-color: rgb(255, 255, 0);\">Vlan100</span><span style=\"background-color: transparent;\"> 1.0.0.1/24 </span><span style=\"background-color: rgb(255, 255, 0);\">up</span><span style=\"background-color: transparent;\"> up 1500</span></p><p><span style=\"background-color: rgb(255, 255, 0);\">Vlan1006</span><span style=\"background-color: transparent;\"> unassigned </span><span style=\"background-color: rgb(255, 255, 0);\">up</span><span style=\"background-color: transparent;\"> up 10168</span></p></td></tr></tbody></table></div><br><p><span style=\"background-color: transparent;\">From the above outputs, it can be seen that IP routing is enabled, VXLAN is configured, and VNIs 100000 (mapped to VLAN 100) and 200000 (mapped to VRF 
red) are routable.</span></p></b><br><br>", }, ], value: "In order to be vulnerable to CVE-2023-24548, the following three conditions must be met:\n\n\nIP routing should be enabled:\n\n\nSwitch> show running-config section ip routing\n\nip routing\n\n\n\n\nAND\n\n\nVXLAN should be configured - a sample configuration is found below:\n\n\n# Loopback interface configuration\n\nswitch> show running-config section loopback\n\ninterface Loopback0\n\n ip address 10.0.0.1/32\n\n\n# VXLAN VTEP configuration\n\nswitch> show running-config section vxlan\n\ninterface Vxlan1\n\n vxlan source-interface Loopback0\n\n vxlan udp-port 4789\n\n vxlan flood vtep 10.0.0.2\n\n\n\n\nAND\n\n\nVXLAN extended VLAN or VNI must be routable - two examples are shown below: \n\n\n# Overlay interface\n\nswitch> show running-config section vlan\n\nvlan 100\n\ninterface Ethernet1/1\n\n switchport access vlan 100\n\ninterface Vlan100\n\n ip address 1.0.0.1/24\n\n\nInterface Vxlan1\n\n vxlan vlan 100 vni 100000\n\n\n\n\nswitch> show running-config section red\n\nvrf instance red\n\nip routing vrf red\n\n\ninterface Vxlan1\n\n vxlan vrf red vni 200000\n\n\n\n\n\nWhether such a configuration exists can be checked as follows:\n\n\nswitch> show vxlan vni\n\nVNI to VLAN Mapping for Vxlan1\n\nVNI VLAN Source Interface 802.1Q Tag\n\n------------ ---------- ------------ ----------------- ----------\n\n100000 100 static Ethernet1/1 untagged\n\n Vxlan1 100\n\n\nVNI to dynamic VLAN Mapping for Vxlan1\n\nVNI VLAN VRF Source\n\n------------ ---------- --------- ------------\n\n200000 1006 red evpn\n\n\n\nswitch> show vlan\n\nVLAN Name Status Ports\n\n----- -------------------------------- --------- -------------------------------\n\n100 VLAN0100 active Cpu, Vx1\n\n1006* VLAN1006 active Cpu, Vx1\n\n\n\nswitch> show ip interface brief\n\n Address\n\nInterface IP Address Status Protocol MTU Owner\n\n----------------- --------------------- ------------ -------------- ----------- -------\n\nVlan100 1.0.0.1/24 up up 
1500\n\nVlan1006 unassigned up up 10168\n\n\n\n\nFrom the above outputs, it can be seen that IP routing is enabled, VXLAN is configured, and VNIs 100000 (mapped to VLAN 100) and 200000 (mapped to VRF red) are routable.\n\n\n\n", }, ], datePublic: "2023-08-23T15:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<b><span style=\"background-color: transparent;\">On</span> <span style=\"background-color: transparent;\">affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place.</span></b><br>", }, ], value: "On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. 
The device will continue to be susceptible to the issue until remediation is in place.\n", }, ], impacts: [ { capecId: "CAPEC-583", descriptions: [ { lang: "en", value: "CAPEC-583 Disabling Network Hardware", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-29T16:13:10.451Z", orgId: "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", shortName: "Arista", }, references: [ { url: "https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<b><p><span style=\"background-color: transparent;\">The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. 
For more information about upgrading see </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\"><span style=\"background-color: transparent;\">EOS User Manual: Upgrades and Downgrades</span></a></p><br><p><span style=\"background-color: transparent;\">CVE-2023-24548 has been fixed in the following releases:</span></p><ul><li><p><span style=\"background-color: transparent;\">4.30.0F and later releases in the 4.30.x train</span></p></li><li><p><span style=\"background-color: transparent;\">4.29.0F and later releases in the 4.29.x train</span></p></li><li><p><span style=\"background-color: transparent;\">4.28.0F and later releases in the 4.28.x train</span></p></li><li><p><span style=\"background-color: transparent;\">4.27.0F and later releases in the 4.27.x train</span></p></li><li><p><span style=\"background-color: transparent;\">4.26.0F and later releases in the 4.26.x train</span></p></li><li><p><span style=\"background-color: transparent;\">4.25.1F and later releases in the 4.25.x train</span></p></li></ul><span style=\"background-color: transparent;\">No remediation is planned for EOS software versions that are beyond their </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/en/support/product-documentation/eos-life-cycle-policy\"><span style=\"background-color: transparent;\">standard EOS support lifecycle</span></a><span style=\"background-color: transparent;\"> (i.e. 4.22, 4.23).</span></b><br>", }, ], value: "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. 
For more information about upgrading see EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \n\n\nCVE-2023-24548 has been fixed in the following releases:\n\n * 4.30.0F and later releases in the 4.30.x train\n\n\n * 4.29.0F and later releases in the 4.29.x train\n\n\n * 4.28.0F and later releases in the 4.28.x train\n\n\n * 4.27.0F and later releases in the 4.27.x train\n\n\n * 4.26.0F and later releases in the 4.26.x train\n\n\n * 4.25.1F and later releases in the 4.25.x train\n\n\n\n\nNo remediation is planned for EOS software versions that are beyond their standard EOS support lifecycle https://www.arista.com/en/support/product-documentation/eos-life-cycle-policy (i.e. 4.22, 4.23).\n", }, ], source: { advisory: "Security Advisory 89", defect: [ "828687", ], discovery: "INTERNAL", }, title: "On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets", workarounds: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<b><span style=\"background-color: transparent;\">There is no known mitigation for the issue. The recommended resolution is to upgrade to a remediated software version at your earliest convenience.</span></b><br>", }, ], value: "There is no known mitigation for the issue. 
The recommended resolution is to upgrade to a remediated software version at your earliest convenience.\n", }, ], x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", assignerShortName: "Arista", cveId: "CVE-2023-24548", datePublished: "2023-08-29T16:13:10.451Z", dateReserved: "2023-01-26T11:37:43.827Z", dateUpdated: "2024-09-30T17:46:19.199Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
rable\":false,\"criteria\":\"cpe:2.3:h:arista:7800r3a-36pm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3B0C0EE-3C5E-4E3E-9BAE-9D5D06A98CAB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:7800r3ak-36dm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABAC894C-D39E-4BB2-A968-E2F23C299A29\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:7800r3ak-36pm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2C6E3F9-0191-4BC5-A89C-58BF13C195B6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:7800r3k-36dm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0B813A1-8BD1-4AFA-95A3-5947A918E9AF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64BE8C68-FE98-4162-A3D3-54494D5444F5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:7800r3k-48cqms:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9615121C-4EC0-44F5-8C00-E70271CC04A2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:7800r3k-72y7512r3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"185E4E68-D5EF-4B7B-B1EF-7EF1B00F118C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F078B04-2DA0-4A4B-BB1A-408DC14CB61F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:7812r3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9B99200-EC76-404E-9900-5D1DC3B9A758\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:7816r3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A172A49-1A0E-464B-BDDD-A8F52856D595\"}]}]}],\"references\":[{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089\",\"source\":\"psirt@arista.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}", vulnrichment: { containers: "{\"cna\": {\"affected\": [{\"defaultStatus\": \"unaffected\", \"product\": \"EOS\", 
\"vendor\": \"Arista Networks\", \"versions\": [{\"lessThanOrEqual\": \"=4.25.0F\", \"status\": \"affected\", \"version\": \"4.25.0F\", \"versionType\": \"custom\"}, {\"lessThanOrEqual\": \"<=4.24.11M\", \"status\": \"affected\", \"version\": \"4.24.0\", \"versionType\": \"custom\"}, {\"lessThanOrEqual\": \"<=4.23.14M\", \"status\": \"affected\", \"version\": \"4.23.0\", \"versionType\": \"custom\"}, {\"lessThanOrEqual\": \"<=4.22.13M\", \"status\": \"affected\", \"version\": \"4.22.1F\", \"versionType\": \"custom\"}]}], \"configurations\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"<b><p><span style=\\\"background-color: transparent;\\\">In order to be vulnerable to CVE-2023-24548, the following three conditions must be met:</span></p><br><p><span style=\\\"background-color: transparent;\\\">IP routing should be enabled:</span></p><br><div><table><tbody><tr><td><p><span style=\\\"background-color: transparent;\\\">Switch> show running-config section ip routing</span></p><p><span style=\\\"background-color: transparent;\\\">ip routing</span></p></td></tr></tbody></table></div><br><p><span style=\\\"background-color: transparent;\\\">AND</span></p><br><p><span style=\\\"background-color: transparent;\\\">VXLAN should be configured - a sample configuration is found below:</span></p><br><div><table><tbody><tr><td><p><span style=\\\"background-color: transparent;\\\"># Loopback interface configuration</span></p><p><span style=\\\"background-color: transparent;\\\">switch> show running-config section loopback</span></p><p><span style=\\\"background-color: transparent;\\\">interface Loopback0</span></p><p><span style=\\\"background-color: transparent;\\\"> ip address 10.0.0.1/32</span></p><br><p><span style=\\\"background-color: transparent;\\\"># VXLAN VTEP configuration</span></p><p><span style=\\\"background-color: transparent;\\\">switch> show running-config section vxlan</span></p><p><span 
style=\\\"background-color: transparent;\\\">interface Vxlan1</span></p><p><span style=\\\"background-color: transparent;\\\"> vxlan source-interface Loopback0</span></p><p><span style=\\\"background-color: transparent;\\\"> vxlan udp-port 4789</span></p><p><span style=\\\"background-color: transparent;\\\"> vxlan flood vtep 10.0.0.2</span></p></td></tr></tbody></table></div><br><p><span style=\\\"background-color: transparent;\\\">AND</span></p><br><p><span style=\\\"background-color: transparent;\\\">VXLAN extended VLAN or VNI must be routable - two examples are shown below:</span><span style=\\\"background-color: transparent;\\\"> </span></p><br><div><table><tbody><tr><td><p><span style=\\\"background-color: transparent;\\\"># Overlay interface</span></p><p><span style=\\\"background-color: transparent;\\\">switch> show running-config section vlan</span></p><p><span style=\\\"background-color: transparent;\\\">vlan 100</span></p><p><span style=\\\"background-color: transparent;\\\">interface Ethernet1/1</span></p><p><span style=\\\"background-color: transparent;\\\"> switchport access vlan 100</span></p><p><span style=\\\"background-color: transparent;\\\">interface Vlan100</span></p><p><span style=\\\"background-color: transparent;\\\"> ip address 1.0.0.1/24</span></p><br><p><span style=\\\"background-color: transparent;\\\">Interface Vxlan1</span></p><p><span style=\\\"background-color: transparent;\\\"> vxlan vlan 100 vni 100000</span></p></td></tr></tbody></table></div><br><div><table><tbody><tr><td><p><span style=\\\"background-color: transparent;\\\">switch> show running-config section red</span></p><p><span style=\\\"background-color: transparent;\\\">vrf instance red</span></p><p><span style=\\\"background-color: transparent;\\\">ip routing vrf red</span></p><br><p><span style=\\\"background-color: transparent;\\\">interface Vxlan1</span></p><p><span style=\\\"background-color: transparent;\\\"> vxlan vrf red vni 
200000</span></p></td></tr></tbody></table></div><br><br><p><span style=\\\"background-color: transparent;\\\">Whether such a configuration exists can be checked as follows:</span></p><br><div><table><tbody><tr><td><p><span style=\\\"background-color: transparent;\\\">switch> show vxlan vni</span></p><p><span style=\\\"background-color: transparent;\\\">VNI to VLAN Mapping for Vxlan1</span></p><p><span style=\\\"background-color: transparent;\\\">VNI VLAN Source Interface 802.1Q Tag</span></p><p><span style=\\\"background-color: transparent;\\\">------------ ---------- ------------ ----------------- ----------</span></p><p><span style=\\\"background-color: rgb(255, 255, 0);\\\">100000</span><span style=\\\"background-color: transparent;\\\"> </span><span style=\\\"background-color: rgb(255, 255, 0);\\\">100</span><span style=\\\"background-color: transparent;\\\"> static Ethernet1/1 untagged</span></p><p><span style=\\\"background-color: transparent;\\\"> Vxlan1 100</span></p><br><p><span style=\\\"background-color: transparent;\\\">VNI to dynamic VLAN Mapping for Vxlan1</span></p><p><span style=\\\"background-color: transparent;\\\">VNI VLAN VRF Source</span></p><p><span style=\\\"background-color: transparent;\\\">------------ ---------- --------- ------------</span></p><p><span style=\\\"background-color: rgb(255, 255, 0);\\\">200000</span><span style=\\\"background-color: transparent;\\\"> </span><span style=\\\"background-color: rgb(255, 255, 0);\\\">1006</span><span style=\\\"background-color: transparent;\\\"> red evpn</span></p><br><br><p><span style=\\\"background-color: transparent;\\\">switch> show vlan</span></p><p><span style=\\\"background-color: transparent;\\\">VLAN Name Status Ports</span></p><p><span style=\\\"background-color: transparent;\\\">----- -------------------------------- --------- -------------------------------</span></p><p><span style=\\\"background-color: rgb(255, 255, 0);\\\">100</span><span style=\\\"background-color: 
transparent;\\\"> VLAN0100 active Cpu, </span><span style=\\\"background-color: rgb(255, 255, 0);\\\">Vx1</span></p><p><span style=\\\"background-color: rgb(255, 255, 0);\\\">1006</span><span style=\\\"background-color: transparent;\\\">* VLAN1006 active Cpu, </span><span style=\\\"background-color: rgb(255, 255, 0);\\\">Vx1</span></p><br><br><p><span style=\\\"background-color: transparent;\\\">switch> show ip interface brief</span></p><p><span style=\\\"background-color: transparent;\\\"> Address</span></p><p><span style=\\\"background-color: transparent;\\\">Interface IP Address Status Protocol MTU Owner</span></p><p><span style=\\\"background-color: transparent;\\\">----------------- --------------------- ------------ -------------- ----------- -------</span></p><p><span style=\\\"background-color: rgb(255, 255, 0);\\\">Vlan100</span><span style=\\\"background-color: transparent;\\\"> 1.0.0.1/24 </span><span style=\\\"background-color: rgb(255, 255, 0);\\\">up</span><span style=\\\"background-color: transparent;\\\"> up 1500</span></p><p><span style=\\\"background-color: rgb(255, 255, 0);\\\">Vlan1006</span><span style=\\\"background-color: transparent;\\\"> unassigned </span><span style=\\\"background-color: rgb(255, 255, 0);\\\">up</span><span style=\\\"background-color: transparent;\\\"> up 10168</span></p></td></tr></tbody></table></div><br><p><span style=\\\"background-color: transparent;\\\">From the above outputs, it can be seen that IP routing is enabled, VXLAN is configured, and VNIs 100000 (mapped to VLAN 100) and 200000 (mapped to VRF red) are routable.</span></p></b><br><br>\"}], \"value\": \"In order to be vulnerable to CVE-2023-24548, the following three conditions must be met:\\n\\n\\nIP routing should be enabled:\\n\\n\\nSwitch> show running-config section ip routing\\n\\nip routing\\n\\n\\n\\n\\nAND\\n\\n\\nVXLAN should be configured - a sample configuration is found below:\\n\\n\\n# Loopback interface configuration\\n\\nswitch> show 
running-config section loopback\\n\\ninterface Loopback0\\n\\n\\u00a0 \\u00a0ip address 10.0.0.1/32\\n\\n\\n# VXLAN VTEP configuration\\n\\nswitch> show running-config section vxlan\\n\\ninterface Vxlan1\\n\\n\\u00a0 \\u00a0vxlan source-interface Loopback0\\n\\n\\u00a0 \\u00a0vxlan udp-port 4789\\n\\n\\u00a0 \\u00a0vxlan flood vtep 10.0.0.2\\n\\n\\n\\n\\nAND\\n\\n\\nVXLAN extended VLAN or VNI must be routable - two examples are shown below:\\u00a0\\n\\n\\n# Overlay interface\\n\\nswitch> show running-config section vlan\\n\\nvlan 100\\n\\ninterface Ethernet1/1\\n\\n\\u00a0 \\u00a0switchport access vlan 100\\n\\ninterface Vlan100\\n\\n\\u00a0 \\u00a0ip address 1.0.0.1/24\\n\\n\\nInterface Vxlan1\\n\\n\\u00a0 vxlan vlan 100 vni 100000\\n\\n\\n\\n\\nswitch> show running-config section red\\n\\nvrf instance red\\n\\nip routing vrf red\\n\\n\\ninterface Vxlan1\\n\\n\\u00a0 \\u00a0vxlan vrf red vni 200000\\n\\n\\n\\n\\n\\nWhether such a configuration exists can be checked as follows:\\n\\n\\nswitch> show vxlan vni\\n\\nVNI to VLAN Mapping for Vxlan1\\n\\nVNI \\u00a0 \\u00a0 \\u00a0 \\u00a0 VLAN \\u00a0 \\u00a0 \\u00a0 Source \\u00a0 \\u00a0 \\u00a0 Interface \\u00a0 \\u00a0 \\u00a0 \\u00a0 802.1Q Tag\\n\\n------------ ---------- ------------ ----------------- ----------\\n\\n100000 \\u00a0 \\u00a0 \\u00a0 100\\u00a0 \\u00a0 \\u00a0 \\u00a0 static \\u00a0 \\u00a0 \\u00a0 Ethernet1/1 \\u00a0 \\u00a0 \\u00a0 untagged\\n\\n\\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0Vxlan1 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 100\\n\\n\\nVNI to dynamic VLAN Mapping for Vxlan1\\n\\nVNI \\u00a0 \\u00a0 \\u00a0 \\u00a0 VLAN \\u00a0 \\u00a0 \\u00a0 VRF \\u00a0 \\u00a0 \\u00a0 Source\\n\\n------------ ---------- --------- ------------\\n\\n200000 \\u00a0 \\u00a0 \\u00a0 1006 \\u00a0 \\u00a0 \\u00a0 red \\u00a0 \\u00a0 \\u00a0 evpn\\n\\n\\n\\nswitch> show vlan\\n\\nVLAN Name \\u00a0 
\\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 Status \\u00a0 Ports\\n\\n----- -------------------------------- --------- -------------------------------\\n\\n100 \\u00a0 VLAN0100 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 active \\u00a0 Cpu, Vx1\\n\\n1006* VLAN1006 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 active \\u00a0 Cpu, Vx1\\n\\n\\n\\nswitch> show ip interface brief\\n\\n\\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0Address\\n\\nInterface \\u00a0 \\u00a0 \\u00a0 \\u00a0 IP Address \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 Status \\u00a0 \\u00a0 \\u00a0 Protocol \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 MTU \\u00a0 Owner\\n\\n----------------- --------------------- ------------ -------------- ----------- -------\\n\\nVlan100 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 1.0.0.1/24 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 up \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 up \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 1500\\n\\nVlan1006\\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 unassigned \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 up \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 up \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 10168\\n\\n\\n\\n\\nFrom the above outputs, it can be seen that IP routing is enabled, VXLAN is configured, and VNIs 100000 (mapped to VLAN 100) and 200000 (mapped to VRF red) are routable.\\n\\n\\n\\n\"}], \"datePublic\": \"2023-08-23T15:00:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"<b><span style=\\\"background-color: 
transparent;\\\">On</span> <span style=\\\"background-color: transparent;\\\">affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place.</span></b><br>\"}], \"value\": \"On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place.\\n\"}], \"impacts\": [{\"capecId\": \"CAPEC-583\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-583 Disabling Network Hardware\"}]}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"HIGH\", \"attackVector\": \"ADJACENT_NETWORK\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"version\": \"3.1\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-120\", \"description\": \"CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7\", \"shortName\": \"Arista\", \"dateUpdated\": \"2023-08-29T16:13:10.451Z\"}, \"references\": [{\"url\": \"https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089\"}], \"solutions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"<b><p><span 
style=\\\"background-color: transparent;\\\">The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see </span><a target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\\\"><span style=\\\"background-color: transparent;\\\">EOS User Manual: Upgrades and Downgrades</span></a></p><br><p><span style=\\\"background-color: transparent;\\\">CVE-2023-24548 has been fixed in the following releases:</span></p><ul><li><p><span style=\\\"background-color: transparent;\\\">4.30.0F and later releases in the 4.30.x train</span></p></li><li><p><span style=\\\"background-color: transparent;\\\">4.29.0F and later releases in the 4.29.x train</span></p></li><li><p><span style=\\\"background-color: transparent;\\\">4.28.0F and later releases in the 4.28.x train</span></p></li><li><p><span style=\\\"background-color: transparent;\\\">4.27.0F and later releases in the 4.27.x train</span></p></li><li><p><span style=\\\"background-color: transparent;\\\">4.26.0F and later releases in the 4.26.x train</span></p></li><li><p><span style=\\\"background-color: transparent;\\\">4.25.1F and later releases in the 4.25.x train</span></p></li></ul><span style=\\\"background-color: transparent;\\\">No remediation is planned for EOS software versions that are beyond their </span><a target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.arista.com/en/support/product-documentation/eos-life-cycle-policy\\\"><span style=\\\"background-color: transparent;\\\">standard EOS support lifecycle</span></a><span style=\\\"background-color: transparent;\\\"> (i.e. 4.22, 4.23).</span></b><br>\"}], \"value\": \"The recommended resolution is to upgrade to a remediated software version at your earliest convenience. 
Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \\n\\n\\nCVE-2023-24548 has been fixed in the following releases:\\n\\n * 4.30.0F and later releases in the 4.30.x train\\n\\n\\n * 4.29.0F and later releases in the 4.29.x train\\n\\n\\n * 4.28.0F and later releases in the 4.28.x train\\n\\n\\n * 4.27.0F and later releases in the 4.27.x train\\n\\n\\n * 4.26.0F and later releases in the 4.26.x train\\n\\n\\n * 4.25.1F and later releases in the 4.25.x train\\n\\n\\n\\n\\nNo remediation is planned for EOS software versions that are beyond their standard EOS support lifecycle https://www.arista.com/en/support/product-documentation/eos-life-cycle-policy (i.e. 4.22, 4.23).\\n\"}], \"source\": {\"advisory\": \"Security Advisory 89\", \"defect\": [\"828687\"], \"discovery\": \"INTERNAL\"}, \"title\": \"On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets\", \"workarounds\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"<b><span style=\\\"background-color: transparent;\\\">There is no known mitigation for the issue. The recommended resolution is to upgrade to a remediated software version at your earliest convenience.</span></b><br>\"}], \"value\": \"There is no known mitigation for the issue. 
The recommended resolution is to upgrade to a remediated software version at your earliest convenience.\\n\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T11:03:18.834Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089\", \"tags\": [\"x_transferred\"]}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-24548\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-30T17:34:44.954023Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-30T17:46:14.286Z\"}}]}", cveMetadata: "{\"cveId\": \"CVE-2023-24548\", \"assignerOrgId\": \"c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"Arista\", \"dateReserved\": \"2023-01-26T11:37:43.827Z\", \"datePublished\": \"2023-08-29T16:13:10.451Z\", \"dateUpdated\": \"2024-09-30T17:46:19.199Z\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
Sightings
Author | Source | Type | Date |
---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.