VYPR

EOS

by Arista

CVEs (63)

  • CVE-2023-24510 | Jun 5, 2023
    risk 0.00 | cvss | epss 0.01

    On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.

  • CVE-2023-24512 | Apr 25, 2023
    risk 0.00 | cvss | epss 0.01

    On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the…

  • CVE-2023-24509 | Apr 13, 2023
    risk 0.00 | cvss | epss 0.00

    On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a privilege escalation.…

  • CVE-2023-24511 | Apr 12, 2023
    risk 0.00 | cvss | epss 0.01

    On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process. This may result in the snmpd processing being terminated (causing SNMP requests to time out until snmpd is automatically restarted) and…

  • CVE-2021-28510 | Jan 24, 2023
    risk 0.00 | cvss | epss 0.01

    For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.

  • CVE-2021-28511 | Aug 5, 2022
    risk 0.00 | cvss | epss 0.00

    This advisory documents the impact of an internally found vulnerability in Arista EOS for security ACL bypass. The impact of this vulnerability is that the security ACL drop rule might be bypassed if a NAT ACL rule filter with permit action matches the packet flow. This could…

  • CVE-2021-28509 | May 26, 2022
    risk 0.00 | cvss | epss 0.00

    This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in…

  • CVE-2021-28508 | May 26, 2022
    risk 0.00 | cvss | epss 0.00

    This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in…

  • CVE-2021-28505 | Apr 14, 2022
    risk 0.00 | cvss | epss 0.01

    On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.

  • CVE-2021-28500 | Jan 14, 2022
    risk 0.00 | cvss | epss 0.01

    An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA APIs by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.

  • CVE-2021-28507 | Jan 14, 2022
    risk 0.00 | cvss | epss 0.01

    An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfig gNOI and OpenConfig RESTCONF might be bypassed, which results in the denied requests being forwarded to the agent.

  • CVE-2021-28506 | Jan 14, 2022
    risk 0.00 | cvss | epss 0.01

    An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device.

  • CVE-2021-28501 | Jan 14, 2022
    risk 0.00 | cvss | epss 0.01

    An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA APIs by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.

  • CVE-2021-28496 | Oct 21, 2021
    risk 0.00 | cvss | epss 0.00

    On systems running Arista EOS and CloudEOS with the affected release version, when using shared secret profiles the password configured for use by BiDirectional Forwarding Detection (BFD) will be leaked when displaying output over eAPI or other JSON outputs to other…

  • CVE-2020-24360 | Dec 28, 2020
    risk 0.00 | cvss | epss 0.01

    An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M…

  • CVE-2020-26569 | Dec 28, 2020
    risk 0.00 | cvss | epss 0.01

    In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries. This can result in traffic being discarded on the receiving VLAN. This affects versions: 4.21.12M…

  • CVE-2020-15897 | Oct 26, 2020
    risk 0.00 | cvss | epss 0.01

    Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause traffic loss or incorrect forwarding of traffic via a malformed link-state PDU to the IS-IS router.

  • CVE-2020-17355 | Oct 21, 2020
    risk 0.00 | cvss | epss 0.01

    Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (restart of agents) by crafting a malformed DHCP packet which leads to an incorrect route being installed.

  • CVE-2019-18948 | Apr 16, 2020
    risk 0.00 | cvss | epss 0.01

    An issue was found in Arista EOS. Specific malformed ARP packets can impact the software forwarding of VxLAN packets. This issue is found in Arista’s EOS VxLAN code, which can allow attackers to crash the VxlanSwFwd agent. This affects EOS 4.21.8M and below releases in the…

  • CVE-2019-14810 | Oct 10, 2019
    risk 0.00 | cvss | epss 0.01

    A vulnerability has been found in the implementation of the Label Distribution Protocol (LDP) protocol in EOS. Under race conditions, the LDP agent can establish an LDP session with a malicious peer potentially allowing the possibility of a Denial of Service (DoS) attack on…