
CVE-2020-15898

First published: Mon Dec 28 2020

In Arista EOS, malformed packets can be incorrectly forwarded across VLAN boundaries in one direction. The vulnerability can only be exploited with unidirectional traffic (e.g. UDP), not bidirectional traffic (e.g. TCP). This affects: EOS 7170 platforms version 4.21.4.1F and below releases in the 4.21.x train; EOS X-Series versions 4.21.11M and below releases in the 4.21.x train; 4.22.6M and below releases in the 4.22.x train; 4.23.4M and below releases in the 4.23.x train; 4.24.2.1F and below releases in the 4.24.x train.

Credit: cve@mitre.org

Affected Software | Affected Version | How to fix
Arista EOS | >=4.21.0f, <=4.21.4.1f |
Arista 7170-32c | |
Arista 7170-32cd | |
Arista 7170-64c | |
Arista EOS | >=4.21.0f, <=4.21.11m |
Arista EOS | >=4.22.0f, <=4.22.6m |
Arista EOS | >=4.23.0f, <=4.23.4m |
Arista EOS | >=4.24.0f, <=4.24.2.1f |
Arista 7050cx3-32s | |
Arista 7050cx3m-32s | |
Arista 7050qx-32s | |
Arista 7050qx2-32s | |
Arista 7050sx-128 | |
Arista 7050sx-64 | |
Arista 7050sx-72q | |
Arista 7050sx2-128 | |
Arista 7050sx2-72q | |
Arista 7050sx3-48c8 | |
Arista 7050sx3-48yc | |
Arista 7050sx3-48yc12 | |
Arista 7050sx3-48yc8 | |
Arista 7050sx3-96yc8 | |
Arista 7050tx-48 | |
Arista 7050tx-64 | |
Arista 7050tx-72q | |
Arista 7050tx2-128 | |
Arista 7050tx3-48c8 | |
Arista 7060cx-32s | |
Arista 7060cx2-32s | |
Arista 7060dx4-32 | |
Arista 7060px4-32 | |
Arista 7060sx2-48yc6 | |
Arista 720xp-24y6 | |
Arista 720xp-24zy4 | |
Arista 720xp-48y6 | |
Arista 720xp-48zc2 | |
Arista 720xp-96zc2 | |
Arista 7250qx-64 | |
Arista 7260cx | |
Arista 7260cx3 | |
Arista 7260cx3-64 | |
Arista 7260qx | |
Arista 7300x-32q | |
Arista 7300x-64s | |
Arista 7300x-64t | |
Arista 7300x3-32c | |
Arista 7300x3-48yc4 | |
Arista 7304x3 | |
Arista 7308x3 | |
Arista 7320x-32c | |
Arista 7324x | |
Arista 7328x | |
Arista 7368x4 | |


Frequently Asked Questions

  • What is CVE-2020-15898?

    CVE-2020-15898 is a vulnerability in Arista EOS where malformed packets can be incorrectly forwarded across VLAN boundaries in one direction.

  • What is the severity of CVE-2020-15898?

    The severity of CVE-2020-15898 is medium with a CVSS score of 5.3.

  • Which Arista platforms are affected by CVE-2020-15898?

    EOS 7170 platforms version 4.21.4.1F and below are affected.

  • Can the vulnerability be exploited with bidirectional traffic?

    No. This vulnerability can only be exploited with unidirectional traffic (e.g. UDP), not bidirectional traffic (e.g. TCP).

  • How can I fix CVE-2020-15898?

    To fix CVE-2020-15898, upgrade your EOS 7170 platforms to version 4.21.4.1G or later.
