Latest Arista Vulnerabilities

CVE-2023-24547
On Arista MOS configuration of a BGP password will cause the password to be logged in clear text.
Arista MOS>=0.13.0<=0.39.4
Arista 7130
Arista 7130-16g3s
Arista 7130-48g3s
Arista 7130-96s
CVE-2023-3646
On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.
Arista EOS>=4.28.2f<=4.28.5.1m
Arista EOS>=4.29.0<4.29.2f
Arista 7280cr3-32d4
Arista 7280cr3-32p4
Arista 7280cr3-36s
Arista 7280cr3-96
and 42 more
CVE-2023-24548
On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward pac...
Arista EOS>=4.22.1f<=4.22.13m
Arista EOS>=4.23.0<=4.23.14m
Arista EOS>=4.24.0<=4.24.11m
Arista EOS=4.25.0f
Arista 7280cr3-32d4
Arista 7280cr3-32p4
and 41 more
CVE-2023-24546
On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could enable a malicious actor with network access to CloudVision to get broader a...
Arista CloudVision Portal>=2021.1<=2021.3
Arista CloudVision Portal=2022.1.0
Arista CloudVision Portal=2022.1.1
Arista CloudVision Portal=2022.2.0
Arista CloudVision Portal=2022.2.1
Arista CloudVision Portal=2022.3.0
CVE-2023-24510
On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.
Arista EOS<=4.25.10m
Arista EOS>=4.26.0<4.26.10m
Arista EOS>=4.27.0<4.27.10m
Arista EOS>=4.28.0<4.28.7m
Arista EOS>=4.29.0<4.29.2f
Arista Ceos
and 95 more
CVE-2023-24512
On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situ...
Arista EOS>=4.26.0<4.26.10m
Arista EOS>=4.27.0<4.27.9m
Arista EOS>=4.28.0<4.28.6m
Arista EOS>=4.29.0<4.29.2f
Arista 32qd
Arista 48ehs
and 107 more
CVE-2023-24509
Arista EOS>=4.23<=4.23.13m
Arista EOS>=4.24.0<4.24.11m
Arista EOS>=4.25.0<4.25.10m
Arista EOS>=4.26.0<4.26.9m
Arista EOS>=4.27.0<4.27.7m
Arista EOS>=4.28.0<4.28.4m
and 20 more
CVE-2023-24545
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes ...
Arista CloudEOS>=4.26.0<4.26.9m
Arista CloudEOS>=4.27.0<4.27.8m
Arista CloudEOS>=4.28.0<4.28.5m
Arista CloudEOS>=4.29.0<4.29.2f
Arista Dca-200-veos
CVE-2023-24511
On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process. This may result in the snmpd processing being terminated (causin...
Arista EOS>=4.26.0<4.26.10m
Arista EOS>=4.27.0<4.27.9m
Arista EOS>=4.28.0<4.28.6m
Arista EOS>=4.29.0<4.29.2f
Arista Ceos-lab
Arista CloudEOS
and 108 more
CVE-2023-24513
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes ...
Arista CloudEOS>=4.26.0<4.26.9m
Arista CloudEOS>=4.27.0<4.27.8m
Arista CloudEOS>=4.28.0<4.28.5m
Arista CloudEOS>=4.29.0<4.29.2f
Amazon Aws Marketplace
Equinix Network Edge
and 3 more
CVE-2021-28510
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of ...
Arista EOS<4.23.10
Arista EOS>=4.24.0<4.24.8
Arista EOS>=4.25.0<4.25.6
Arista EOS>=4.26.0<4.26.4
Arista EOS>=4.27.0<4.27.1
Arista 7020r
and 75 more
CVE-2022-29071
This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked i...
Arista CloudVision Portal>=2020.2.0<=2022.1.0
CVE-2021-28511
This advisory documents the impact of an internally found vulnerability in Arista EOS for security ACL bypass. The impact of this vulnerability is that the security ACL drop rule might be bypassed if ...
Arista EOS<=4.24.9
Arista EOS>=4.25.0<=4.25.8
Arista EOS>=4.26.0<=4.26.5
Arista EOS>=4.27.0<=4.27.3
Arista 7050cx3-32s
Arista 7050cx3m-32s
and 13 more
CVE-2021-28508
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is...
Arista Terminattr<1.10.11
Arista Terminattr>=1.11.0<1.16.8
Arista Terminattr>=1.17.0<1.19.0
Arista EOS>=4.23<=4.23.11
Arista EOS>=4.24<4.24.10
Arista EOS>=4.25<4.25.8
and 45 more
CVE-2021-28509
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is...
Arista Terminattr<1.10.11
Arista Terminattr>=1.11.0<1.16.8
Arista Terminattr>=1.17.0<1.19.2
Arista EOS>=4.23<=4.23.11
Arista EOS>=4.24<4.24.10
Arista EOS>=4.25<4.25.8
and 45 more
CVE-2021-28505
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access ...
Arista EOS>=4.26<4.26.4m
Arista EOS>=4.27<4.27.1f
Arista Ccs-710p-12
Arista Ccs-710p-16p
Arista Ccs-720xp-24y6
Arista Ccs-720xp-24zy4
and 13 more
CVE-2021-28504
On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules ( rules declar...
Arista EOS>=4.26<4.26.4m
Arista EOS>=4.27<4.27.1f
Arista Ccs-710p-12
Arista Ccs-710p-16p
Arista Ccs-720xp-24y6
Arista Ccs-720xp-24zy4
and 13 more
CVE-2021-28503
The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user credentials when certificate based authentication is used, which allows remote attackers to access the device via...
Arista EOS>=4.22<=4.22.9m
Arista EOS>=4.23<=4.23.9
Arista EOS>=4.24<=4.24.7
Arista EOS>=4.25<=4.25.5
Arista EOS>=4.26<=4.26.2
CVE-2021-28507
An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfig gNOI and OpenConfig RESTCONF might be bypassed, which results in the deni...
Arista EOS>=4.23.0<=4.23.9m
Arista EOS>=4.24.0<=4.24.7m
Arista EOS>=4.25.0<=4.25.3
Arista EOS>=4.25.4<=4.25.4m
Arista EOS>=4.25.5<=4.25.5.1m
Arista EOS>=4.26.0<=4.26.2f
and 5 more
CVE-2021-28501
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users...
Arista Terminattr<=1.16.2
CVE-2021-28500
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users...
Arista EOS<4.20
Arista EOS>=4.21.0<=4.21.14m
Arista EOS>=4.22.0<=4.22.11m
Arista EOS>=4.23.0<=4.23.8m
Arista EOS>=4.24.6.0<=4.24.6m
Arista EOS>=4.25.0<=4.25.4m
and 1 more
CVE-2021-28506
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device.
Arista EOS>=4.24.0<=4.24.7m
Arista EOS>=4.25.0<=4.25.3
Arista EOS>=4.25.4<=4.25.4m
Arista EOS>=4.25.5<=4.25.5.1m
Arista EOS>=4.26.0<=4.26.2f
CVE-2021-28496
Arista EOS>=4.22<=4.22.7m
Arista EOS>=4.23<4.23.10
Arista EOS>=4.24<4.24.8
Arista EOS>=4.25<4.25.5
Arista EOS>=4.26<4.26.2
CVE-2021-28494
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, authentication is bypassed by unprivileged users who are accessing the Web U...
Arista Metamako Operating System<=0.34.0
Arista 7130
CVE-2021-28498
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user enable passwords set in clear text could result in unprivileged users getting complete access to ...
Arista Metamako Operating System>=0.10.0<=0.13.0
Arista Metamako Operating System>=0.26.0<0.26.7
Arista Metamako Operating System>=0.31.0<0.32.0
Arista 7130
CVE-2021-28497
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where...
Arista Metamako Operating System<=0.26.6
Arista Metamako Operating System>=0.31.0<0.32.0
Arista 7130
CVE-2021-28495
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, user authentication can be bypassed when API access is enabled via the JSON-...
Arista Metamako Operating System>=0.10.0<=0.13.0
Arista Metamako Operating System>=0.20.0<=0.26.7
Arista Metamako Operating System>=0.30.0<0.32.0
Arista 7130
CVE-2021-28493
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, a user may be able to execute commands despite not having the privileges to ...
Arista Metamako Operating System<=0.32.0
Arista 7130
CVE-2020-24588
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticat...
redhat/kernel-rt<0:4.18.0-348.rt7.130.el8
redhat/kernel<0:4.18.0-348.el8
Google Android
redhat/kernel<5.13
ubuntu/linux<4.15.0-151.157
ubuntu/linux<5.4.0-77.86
and 866 more
CVE-2020-26140
A vulnerability was found in Linux Kernel. Where the Wifi implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent ...
redhat/kernel-rt<0:4.18.0-348.rt7.130.el8
redhat/kernel<0:4.18.0-348.el8
Google Android
Alfa Awus036h Firmware Windows 10=6.1316.1209
Alfa Awus036h
Siemens Scalance W1748-1 Firmware
and 405 more
CVE-2020-26139
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be ...
redhat/kernel-rt<0:4.18.0-348.rt7.130.el8
redhat/kernel<0:4.18.0-348.el8
Google Android
redhat/kernel<5.13
ubuntu/linux<4.15.0-151.157
ubuntu/linux<5.4.0-77.86
and 785 more
CVE-2020-26144
A flaw was found in the Linux kernel, where the WiFi implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (ex., LLC/SNAP) header for EAPOL. The hig...
redhat/kernel-rt<0:4.18.0-348.rt7.130.el8
redhat/kernel<0:4.18.0-348.el8
Samsung Galaxy I9305 Firmware=4.4.4
Samsung Galaxy I9305
Arista C-250 Firmware<10.0.1-31
Arista C-250
and 32 more
CVE-2020-26143
A vulnerability was found in Linux kernel, where the WiFi implementations assemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or ...
redhat/kernel-rt<0:4.18.0-348.rt7.130.el8
redhat/kernel<0:4.18.0-348.el8
Alfa Awus036h Firmware Windows 10=1030.36.604
Alfa Awus036h
Arista C-75 Firmware
Arista C-75
and 8 more
CVE-2020-26147
An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused t...
redhat/kernel-rt<0:4.18.0-348.rt7.130.el8
redhat/kernel<0:4.18.0-348.el8
Google Android
redhat/Kernel<5.13
ubuntu/linux<4.15.0-151.157
ubuntu/linux<5.4.0-77.86
and 159 more
CVE-2020-26146
A vulnerability was found in Linux kernel, where the WiFi implementation reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vu...
redhat/kernel-rt<0:4.18.0-348.rt7.130.el8
redhat/kernel<0:4.18.0-348.el8
Google Android
Samsung Galaxy I9305 Firmware=4.4.4
Samsung Galaxy I9305
Arista C-250 Firmware<10.0.1-31
and 35 more
CVE-2020-24586
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting t...
redhat/kernel-rt<0:4.18.0-348.rt7.130.el8
redhat/kernel<0:4.18.0-348.el8
redhat/kernel<5.13
ubuntu/linux<4.15.0-151.157
ubuntu/linux<5.4.0-77.86
ubuntu/linux<5.8.0-59.66
and 212 more
CVE-2020-24587
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An ad...
redhat/kernel-rt<0:4.18.0-348.rt7.130.el8
redhat/kernel<0:4.18.0-348.el8
Google Android
redhat/kernel<5.13
ubuntu/linux-oracle-5.8<5.8.0-1033.34~20.04.1
ubuntu/linux-oracle-5.8<5.13~
and 789 more
CVE-2020-15898
In Arista EOS malformed packets can be incorrectly forwarded across VLAN boundaries in one direction. This vulnerability is only susceptible to exploitation by unidirectional traffic (ex. UDP) and not...
Arista EOS>=4.21.0f<=4.21.4.1f
Arista 7170-32c
Arista 7170-32cd
Arista 7170-64c
Arista EOS>=4.21.0f<=4.21.11m
Arista EOS>=4.22.0f<=4.22.6m
and 47 more
CVE-2020-24360
An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista E...
Arista EOS>=4.22.0f<=4.22.6m
Arista EOS>=4.23.0f<=4.23.4m
Arista EOS>=4.24.0f<=4.24.2.4f
Arista 7280cr2ak-30
Arista 7280cr2k-60
Arista 7280cr3-32d4
and 23 more
CVE-2020-26569
In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries. This can result in ...
Arista EOS>=4.21.0f<=4.21.12m
Arista EOS>=4.22.0f<=4.22.7m
Arista EOS>=4.23.0f<=4.23.5m
Arista EOS>=4.24.0f<=4.24.2f
Arista 7010t-48
Arista 7050cx3-32s
and 44 more
CVE-2020-15897
Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause traffic loss or incorrect forwarding of traffic via a malformed lin...
Arista EOS<4.21.12m
Arista EOS>=4.22<4.22.7m
Arista EOS>=4.23<4.23.5m
Arista EOS>=4.24<4.24.2f
CVE-2020-13100
Arista’s CloudVision eXchange (CVX) server before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (crash and rest...
Arista Cloudvision Exchange>=4.21.5f<4.21.12m
Arista Cloudvision Exchange>=4.22.0<4.22.7m
Arista Cloudvision Exchange>=4.23.0<4.23.5m
Arista Cloudvision Exchange>=4.24.0<4.24.2f
CVE-2020-17355
Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (restart of agents) by crafting a malformed DHC...
Arista EOS>=4.21.0<4.21.12m
Arista EOS>=4.22<4.22.7m
Arista EOS>=4.23<4.23.5m
Arista EOS>=4.24.0<4.24.2f
CVE-2020-25686
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 1...
debian/dnsmasq
redhat/dnsmasq<2.83
Thekelleys Dnsmasq<2.83
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Debian Debian Linux=10.0
and 5 more
CVE-2020-25685
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only us...
debian/dnsmasq
Thekelleys Dnsmasq<2.83
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Debian Debian Linux=10.0
Arista EOS>=4.21<4.21.14m
and 5 more
CVE-2020-25684
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending...
Thekelleys Dnsmasq<2.83
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Arista EOS>=4.21<4.21.14m
and 6 more
CVE-2020-24333
A vulnerability in Arista’s CloudVision Portal (CVP) prior to 2020.2 allows users with “read-only” or greater access rights to the Configlet Management module to download files not intended for access...
Arista CloudVision Portal<2020.2.0
CVE-2020-3702
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the ...
ubuntu/linux<4.4.0-223.256
ubuntu/linux<5.11.0-38.42
ubuntu/linux<5.12~
ubuntu/linux<4.15.0-161.169
ubuntu/linux<5.4.0-89.100
ubuntu/linux-hwe<4.15.0-161.169~16.04.1
and 175 more
CVE-2020-11622
A vulnerability exists in Arista’s Cloud EOS VM / vEOS 4.23.2M and below releases in the 4.23.x train, 4.22.4M and below releases in the 4.22.x train, 4.21.3M to 4.21.9M releases in the 4.21.x train, ...
Arista CloudEOS>=4.21.3m<=4.21.9m
Arista CloudEOS>=4.22.0<=4.22.4m
Arista CloudEOS>=4.23.0<=4.23.2m
Arista CloudEOS=4.21.3fx-7368
Arista CloudEOS=4.21.4-fcrfx
Arista CloudEOS=4.21.4.1
and 16 more
CVE-2020-13881
In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.
ubuntu/libpam-tacplus<1.3.8-2+
ubuntu/libpam-tacplus<1.3.8-2+
ubuntu/libpam-tacplus<1.3.8-2+
Pam Tacplus Project Pam Tacplus>=1.3.8<=1.5.1
Debian Debian Linux=8.0
Debian Debian Linux=9.0
and 5 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203