CVE-2020-15898
First published: Mon Dec 28 2020(Updated: )
In Arista EOS malformed packets can be incorrectly forwarded across VLAN boundaries in one direction. This vulnerability is only susceptible to exploitation by unidirectional traffic (ex. UDP) and not bidirectional traffic (ex. TCP). This affects: EOS 7170 platforms version 4.21.4.1F and below releases in the 4.21.x train; EOS X-Series versions 4.21.11M and below releases in the 4.21.x train; 4.22.6M and below releases in the 4.22.x train; 4.23.4M and below releases in the 4.23.x train; 4.24.2.1F and below releases in the 4.24.x train.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Arista EOS | >=4.21.0f<=4.21.4.1f | |
| Arista 7170-32c | ||
| Arista 7170-32cd | ||
| Arista 7170-64c | ||
| Arista EOS | >=4.21.0f<=4.21.11m | |
| Arista EOS | >=4.22.0f<=4.22.6m | |
| Arista EOS | >=4.23.0f<=4.23.4m | |
| Arista EOS | >=4.24.0f<=4.24.2.1f | |
| Arista 7050cx3-32s | ||
| Arista 7050cx3m-32s | ||
| Arista 7050qx-32s | ||
| Arista 7050qx2-32s | ||
| Arista 7050sx-128 | ||
| Arista 7050sx-64 | ||
| Arista 7050sx-72q | ||
| Arista 7050sx2-128 | ||
| Arista 7050sx2-72q | ||
| Arista 7050sx3-48c8 | ||
| Arista 7050sx3-48yc | ||
| Arista 7050sx3-48yc12 | ||
| Arista 7050sx3-48yc8 | ||
| Arista 7050sx3-96yc8 | ||
| Arista 7050tx-48 | ||
| Arista 7050tx-64 | ||
| Arista 7050tx-72q | ||
| Arista 7050tx2-128 | ||
| Arista 7050tx3-48c8 | ||
| Arista 7060cx-32s | ||
| Arista 7060cx2-32s | ||
| Arista 7060dx4-32 | ||
| Arista 7060px4-32 | ||
| Arista 7060sx2-48yc6 | ||
| Arista 720xp-24y6 | ||
| Arista 720xp-24zy4 | ||
| Arista 720xp-48y6 | ||
| Arista 720xp-48zc2 | ||
| Arista 720xp-96zc2 | ||
| Arista 7250qx-64 | ||
| Arista 7260cx | ||
| Arista 7260cx3 | ||
| Arista 7260cx3-64 | ||
| Arista 7260qx | ||
| Arista 7300x-32q | ||
| Arista 7300x-64s | ||
| Arista 7300x-64t | ||
| Arista 7300x3-32c | ||
| Arista 7300x3-48yc4 | ||
| Arista 7304x3 | ||
| Arista 7308x3 | ||
| Arista 7320x-32c | ||
| Arista 7324x | ||
| Arista 7328x | ||
| Arista 7368x4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-15898?
CVE-2020-15898 is a vulnerability in Arista EOS where malformed packets can be incorrectly forwarded across VLAN boundaries in one direction.
What is the severity of CVE-2020-15898?
The severity of CVE-2020-15898 is medium with a CVSS score of 5.3.
Which Arista platforms are affected by CVE-2020-15898?
EOS 7170 platforms version 4.21.4.1F and below are affected.
Can the vulnerability be exploited with bidirectional traffic?
No, this vulnerability is only susceptible to exploitation by unidirectional traffic (ex. UDP) and not bidirectional traffic (ex. TCP).
How can I fix CVE-2020-15898?
To fix CVE-2020-15898, upgrade your EOS 7170 platforms to version 4.21.4.1G or later.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/arista
- canonical/arista eos
- version/arista eos/4.21.0f
- version/arista eos/4.21.4.1f
- canonical/arista 7170-32c
- canonical/arista 7170-32cd
- canonical/arista 7170-64c
- version/arista eos/4.21.11m
- version/arista eos/4.22.0f
- version/arista eos/4.22.6m
- version/arista eos/4.23.0f
- version/arista eos/4.23.4m
- version/arista eos/4.24.0f
- version/arista eos/4.24.2.1f
- canonical/arista 7050cx3-32s
- canonical/arista 7050cx3m-32s
- canonical/arista 7050qx-32s
- canonical/arista 7050qx2-32s
- canonical/arista 7050sx-128
- canonical/arista 7050sx-64
- canonical/arista 7050sx-72q
- canonical/arista 7050sx2-128
- canonical/arista 7050sx2-72q
- canonical/arista 7050sx3-48c8
- canonical/arista 7050sx3-48yc
- canonical/arista 7050sx3-48yc12
- canonical/arista 7050sx3-48yc8
- canonical/arista 7050sx3-96yc8
- canonical/arista 7050tx-48
- canonical/arista 7050tx-64
- canonical/arista 7050tx-72q
- canonical/arista 7050tx2-128
- canonical/arista 7050tx3-48c8
- canonical/arista 7060cx-32s
- canonical/arista 7060cx2-32s
- canonical/arista 7060dx4-32
- canonical/arista 7060px4-32
- canonical/arista 7060sx2-48yc6
- canonical/arista 720xp-24y6
- canonical/arista 720xp-24zy4
- canonical/arista 720xp-48y6
- canonical/arista 720xp-48zc2
- canonical/arista 720xp-96zc2
- canonical/arista 7250qx-64
- canonical/arista 7260cx
- canonical/arista 7260cx3
- canonical/arista 7260cx3-64
- canonical/arista 7260qx
- canonical/arista 7300x-32q
- canonical/arista 7300x-64s
- canonical/arista 7300x-64t
- canonical/arista 7300x3-32c
- canonical/arista 7300x3-48yc4
- canonical/arista 7304x3
- canonical/arista 7308x3
- canonical/arista 7320x-32c
- canonical/arista 7324x
- canonical/arista 7328x
- canonical/arista 7368x4