First published: Mon Dec 28 2020(Updated: )
In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries. This can result in traffic being discarded on the receiving VLAN. This affects versions: 4.21.12M and below releases in the 4.21.x train; 4.22.7M and below releases in the 4.22.x train; 4.23.5M and below releases in the 4.23.x train; 4.24.2F and below releases in the 4.24.x train.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Arista EOS | >=4.21.0f<=4.21.12m | |
Arista EOS | >=4.22.0f<=4.22.7m | |
Arista EOS | >=4.23.0f<=4.23.5m | |
Arista EOS | >=4.24.0f<=4.24.2f | |
Arista 7010t-48 | ||
Arista 7050cx3-32s | ||
Arista 7050cx3m-32s | ||
Arista 7050qx-32s | ||
Arista 7050qx2-32s | ||
Arista 7050sx-128 | ||
Arista 7050sx-64 | ||
Arista 7050sx-72q | ||
Arista 7050sx2-128 | ||
Arista 7050sx2-72q | ||
Arista 7050sx3-48c8 | ||
Arista 7050sx3-48yc | ||
Arista 7050sx3-48yc12 | ||
Arista 7050sx3-48yc8 | ||
Arista 7050sx3-96yc8 | ||
Arista 7050tx-48 | ||
Arista 7050tx-64 | ||
Arista 7050tx-72q | ||
Arista 7050tx2-128 | ||
Arista 7050tx3-48c8 | ||
Arista 7060cx-32s | ||
Arista 7060cx2-32s | ||
Arista 7060dx4-32 | ||
Arista 7060px4-32 | ||
Arista 7060sx2-48yc6 | ||
Arista 720xp-24y6 | ||
Arista 720xp-24zy4 | ||
Arista 720xp-48y6 | ||
Arista 720xp-48zc2 | ||
Arista 720xp-96zc2 | ||
Arista 7250qx-64 | ||
Arista 7260cx | ||
Arista 7260cx3 | ||
Arista 7260cx3-64 | ||
Arista 7260qx | ||
Arista 7300x-32q | ||
Arista 7300x-64s | ||
Arista 7300x-64t | ||
Arista 7300x3-32c | ||
Arista 7300x3-48yc4 | ||
Arista 7304x3 | ||
Arista 7308x3 | ||
Arista 7320x-32c | ||
Arista 7324x | ||
Arista 7328x | ||
Arista 7368x4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-26569 is a vulnerability in EVPN VxLAN setups in Arista EOS where specific malformed packets can lead to incorrect MAC to IP bindings.
Arista EOS versions 4.21.12M and below releases in 4.21 series, 4.22.7M and below releases in 4.22 series, 4.23.5M and below releases in 4.23 series, and 4.24.2F and below releases in 4.24 series are affected by CVE-2020-26569.
The severity of CVE-2020-26569 is medium with a CVSS score of 5.9.
CVE-2020-26569 can be exploited by sending specific malformed packets in EVPN VxLAN setups in Arista EOS.
To fix CVE-2020-26569, it is recommended to upgrade to a fixed version of Arista EOS mentioned in the security advisory.