What is the severity of CVE-2015-8236?

CVE-2015-8236 has a high severity, allowing remote attackers to execute arbitrary code as root.

How do I fix CVE-2015-8236?

To fix CVE-2015-8236, upgrade to Arista EOS versions 4.11.12 or later, 4.12.11 or later, 4.13.14M or later, 4.14.5FX.5 or later, or 4.15.0FX1.1 or later.

What versions of Arista EOS are affected by CVE-2015-8236?

CVE-2015-8236 affects versions of Arista EOS prior to 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.15 before 4.15.0FX1.1.

Can CVE-2015-8236 be exploited remotely?

Yes, CVE-2015-8236 can be exploited remotely due to compromised management-plane access.

What are the potential impacts of CVE-2015-8236?

Exploitation of CVE-2015-8236 may lead to unauthorized root access and potential full system compromise.

Vulnerability/
CVE-2015-8236

critical

CWE

264

19/11/2015

6/8/2024

CVE-2015-8236

First published: Thu Nov 19 2015(Updated: )

Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.15 before 4.15.0FX1.1 allows remote attackers to execute arbitrary code as root by leveraging management-plane access, aka Bug 138716.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Arista EOS	<=4.11.11
Arista EOS	=4.12.5.2
Arista EOS	=4.12.6.1
Arista EOS	=4.12.7.1
Arista EOS	=4.12.8
Arista EOS	=4.12.8.1
Arista EOS	=4.12.9
Arista EOS	=4.12.10
Arista EOS	=4.13.1.1f
Arista EOS	=4.13.2.1f
Arista EOS	=4.13.3.1f
Arista EOS	=4.13.4.1f
Arista EOS	=4.13.5
Arista EOS	=4.13.5.1f
Arista EOS	=4.13.6
Arista EOS	=4.13.7.2m
Arista EOS	=4.13.7.3m
Arista EOS	=4.13.7m
Arista EOS	=4.13.8m
Arista EOS	=4.13.9.1m
Arista EOS	=4.13.9m
Arista EOS	=4.13.10m
Arista EOS	=4.13.11m
Arista EOS	=4.13.12m
Arista EOS	=4.13.13m
Arista EOS	=4.14.0f
Arista EOS	=4.14.1f
Arista EOS	=4.14.2f
Arista EOS	=4.14.3.1f
Arista EOS	=4.14.3f
Arista EOS	=4.14.4.1f
Arista EOS	=4.14.4.2f
Arista EOS	=4.14.4f
Arista EOS	=4.14.5.1f-ssu
Arista EOS	=4.14.5f
Arista EOS	=4.14.5fx
Arista EOS	=4.14.5fx.1
Arista EOS	=4.14.5fx.2
Arista EOS	=4.14.5fx.3
Arista EOS	=4.14.5fx.4
Arista EOS	=4.14.6f
Arista EOS	=4.14.7.1f
Arista EOS	=4.14.7f
Arista EOS	=4.14.8.1f
Arista EOS	=4.14.8f
Arista EOS	=4.14.9
Arista EOS	=4.15.0f
Arista EOS	=4.15.0fx
Arista EOS	=4.15.0fx1
Arista EOS	=4.15.0fxa
Arista EOS	=4.15.1f
Arista EOS	=4.15.1fx-7060qx
Arista EOS	=4.15.1fx-7060x
Arista EOS	=4.15.1fxb
Arista EOS	=4.15.2f

Never miss a vulnerability like this again

Reference Links

https://www.arista.com/support/advisories-notices/security-advisories/1221-security-advisory-15

Frequently Asked Questions

What is the severity of CVE-2015-8236?
CVE-2015-8236 has a high severity, allowing remote attackers to execute arbitrary code as root.
How do I fix CVE-2015-8236?
To fix CVE-2015-8236, upgrade to Arista EOS versions 4.11.12 or later, 4.12.11 or later, 4.13.14M or later, 4.14.5FX.5 or later, or 4.15.0FX1.1 or later.
What versions of Arista EOS are affected by CVE-2015-8236?
CVE-2015-8236 affects versions of Arista EOS prior to 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.15 before 4.15.0FX1.1.
Can CVE-2015-8236 be exploited remotely?
Yes, CVE-2015-8236 can be exploited remotely due to compromised management-plane access.
What are the potential impacts of CVE-2015-8236?
Exploitation of CVE-2015-8236 may lead to unauthorized root access and potential full system compromise.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/references
agent/author
agent/severity
agent/last-modified-date
agent/weakness
agent/description
agent/event
agent/tags
agent/first-publish-date
agent/source
vendor/arista
canonical/arista eos
version/arista eos/4.11.11
version/arista eos/4.12.5.2
version/arista eos/4.12.6.1
version/arista eos/4.12.7.1
version/arista eos/4.12.8
version/arista eos/4.12.8.1
version/arista eos/4.12.9
version/arista eos/4.12.10
version/arista eos/4.13.1.1f
version/arista eos/4.13.2.1f
version/arista eos/4.13.3.1f
version/arista eos/4.13.4.1f
version/arista eos/4.13.5
version/arista eos/4.13.5.1f
version/arista eos/4.13.6
version/arista eos/4.13.7.2m
version/arista eos/4.13.7.3m
version/arista eos/4.13.7m
version/arista eos/4.13.8m
version/arista eos/4.13.9.1m
version/arista eos/4.13.9m
version/arista eos/4.13.10m
version/arista eos/4.13.11m
version/arista eos/4.13.12m
version/arista eos/4.13.13m
version/arista eos/4.14.0f
version/arista eos/4.14.1f
version/arista eos/4.14.2f
version/arista eos/4.14.3.1f
version/arista eos/4.14.3f
version/arista eos/4.14.4.1f
version/arista eos/4.14.4.2f
version/arista eos/4.14.4f
version/arista eos/4.14.5.1f-ssu
version/arista eos/4.14.5f
version/arista eos/4.14.5fx
version/arista eos/4.14.5fx.1
version/arista eos/4.14.5fx.2
version/arista eos/4.14.5fx.3
version/arista eos/4.14.5fx.4
version/arista eos/4.14.6f
version/arista eos/4.14.7.1f
version/arista eos/4.14.7f
version/arista eos/4.14.8.1f
version/arista eos/4.14.8f
version/arista eos/4.14.9
version/arista eos/4.15.0f
version/arista eos/4.15.0fx
version/arista eos/4.15.0fx1
version/arista eos/4.15.0fxa
version/arista eos/4.15.1f
version/arista eos/4.15.1fx-7060qx
version/arista eos/4.15.1fx-7060x
version/arista eos/4.15.1fxb
version/arista eos/4.15.2f