Filters

Arista EOSOn affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.

7.5
First published (updated )

Arista EOSOn affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets

First published (updated )

Arista EOSOn the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to r…

7.5
First published (updated )

Arista EOSOn affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI re…

8.8
First published (updated )

Arista EOSCVE-2023-24509

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Arista EOSOn affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause …

7.5
First published (updated )

Arista EOSFor certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.

7.5
First published (updated )

Arista EOSThis advisory documents the impact of an internally found vulnerability in Arista EOS for security ACL bypass. The impact of this vulnerability is that the security ACL drop rule might be bypassed if a NAT ACL rule filter with permit action matches t ...

First published (updated )

Arista EOSTerminAttr streams MACsec sensitive data in clear text to other authorized users in CVP

First published (updated )

Arista EOSTerminAttr streams IPsec sensitive data in clear text to other authorized users in CVP

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Arista EOSOn Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules ( rules declared after it in ACL ) do not match on IP protocol fi ...

7.5
First published (updated )

Arista EOSOn affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.

7.5
First published (updated )

Arista EOSIn Arista's EOS software affected releases, eAPI might skip re-evaluating user credentials when certificate based authentication is used, which allows remote attackers to access the device via eAPI.

First published (updated )

Arista EOSAn issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.

First published (updated )

Arista EOSAn issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfig gNOI and OpenConfig RESTCONF might be bypassed, which results in the denied requests being forwarded to the agent.

7.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Arista EOSAn issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device.

First published (updated )

Arista EOSIn Arista's EOS software affected releases, the shared secret profiles sensitive configuration might be leaked when displaying output over eAPI or other JSON outputs to authenticated users on the device.

First published (updated )

Arista EOSIn Arista EOS malformed packets can be incorrectly forwarded across VLAN boundaries in one direction…

First published (updated )

Arista EOSAn issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of product…

7.4
First published (updated )

Arista EOSIn EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindi…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Arista EOSArista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F …

7.5
First published (updated )

Arista EOSArista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F …

7.5
First published (updated )

Arista EOSWhen receiving a query, dnsmasq does not check if there is already a pending request for the same na…

First published (updated )

Arista EOSWeak Encryption

First published (updated )

Arista EOSWhen getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query() if the reply …

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Arista EOSAn issue was found in Arista EOS. Specific malformed ARP packets can impact the software forwarding …

7.5
First published (updated )

Juniper JUNOSBuffer Overflow

First published (updated )

Arista EOSInteger Overflow

First published (updated )

Arista EOSThe ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a de…

First published (updated )

Arista EOSBuffer Overflow

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Arista CloudVision PortalGo before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic conta…

7.5
First published (updated )

Arista EOSArista EOS through 4.21.0F allows a crash because 802.1x authentication is mishandled.

First published (updated )

Arista EOSArista EOS before 4.20.2F allows remote BGP peers to cause a denial of service (Rib agent restart) v…

7.5
First published (updated )

Arista EOSThe Mlag agent in Arista EOS 4.19 before 4.19.4M and 4.20 before 4.20.2F allows remote attackers to …

First published (updated )

Linux Linux kernelUse After Free

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Arubanetworks ArubaosBuffer Overflow

First published (updated )

Arista EOSArista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.…

First published (updated )

Debian Debian LinuxDivide by Zero

7.5
First published (updated )

Arista EOSThe process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process tran…

3.5
First published (updated )

Redhat Enterprise Linux For Power Big Endian EusThe C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

SUSE Linux Enterprise ServerBuffer Overflow

7.5
First published (updated )

Redhat Enterprise Linux Compute Node EusBuffer Overflow

First published (updated )

IBM QRadar Security Information and Event ManagerGNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability

First published (updated )

IBM QRadar Security Information and Event ManagerGNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability

First published (updated )

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203