Filtered by vendor Arista
Subscribe
Total
94 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24510 | 1 Arista | 97 7010t, 7010t-48, 7010tx-48 and 94 more | 2024-11-21 | N/A | 7.5 HIGH |
|
On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.
|
|||||
| CVE-2023-24509 | 1 Arista | 21 704x3, 7304x, 7304x3 and 18 more | 2024-11-21 | N/A | 9.3 CRITICAL |
|
On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a privilege escalation. Valid user credentials are required in order to exploit this vulnerability.
|
|||||
| CVE-2022-29071 | 1 Arista | 1 Cloudvision Portal | 2024-11-21 | N/A | 4.0 MEDIUM |
|
This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. The impact of this vulnerability is that the CVP user login passwords might be leaked to other authenticated users.
|
|||||
| CVE-2021-28511 | 1 Arista | 16 7050cx3-32s, 7050cx3m-32s, 7050sx3-48c8 and 13 more | 2024-11-21 | N/A | 5.8 MEDIUM |
|
This advisory documents the impact of an internally found vulnerability in Arista EOS for security ACL bypass. The impact of this vulnerability is that the security ACL drop rule might be bypassed if a NAT ACL rule filter with permit action matches the packet flow. This could allow a host with an IP address in a range that matches the range allowed by a NAT ACL and a range denied by a Security ACL to be forwarded incorrectly as it should have been denied by the Security ACL. This can enable an A ...
Show More |
|||||
| CVE-2021-28510 | 1 Arista | 77 7020r, 7050cx3-32s, 7050cx3m-32s and 74 more | 2024-11-21 | N/A | 5.3 MEDIUM |
|
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.
|
|||||
| CVE-2021-28509 | 1 Arista | 45 7050cx3-32s, 7050cx3m-32s, 7050sx3-48c8 and 42 more | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
|
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device.
|
|||||
| CVE-2021-28508 | 1 Arista | 45 7050cx3-32s, 7050cx3m-32s, 7050sx3-48c8 and 42 more | 2024-11-21 | 3.6 LOW | 6.8 MEDIUM |
|
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to other authorized users, which could cause IPsec traffic to be decrypted or modified by other authorized users on the device.
|
|||||
| CVE-2021-28507 | 1 Arista | 1 Eos | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfig gNOI and OpenConfig RESTCONF might be bypassed, which results in the denied requests being forwarded to the agent.
|
|||||
| CVE-2021-28506 | 1 Arista | 1 Eos | 2024-11-21 | 9.4 HIGH | 9.1 CRITICAL |
|
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device.
|
|||||
| CVE-2021-28505 | 1 Arista | 18 Ccs-710p-12, Ccs-710p-16p, Ccs-720xp-24y6 and 15 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.
|
|||||
| CVE-2021-28504 | 1 Arista | 18 Ccs-710p-12, Ccs-710p-16p, Ccs-720xp-24y6 and 15 more | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
|
On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules ( rules declared after it in ACL ) do not match on IP protocol field as expected.
|
|||||
| CVE-2021-28503 | 1 Arista | 1 Eos | 2024-11-21 | 6.8 MEDIUM | 7.4 HIGH |
|
The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user credentials when certificate based authentication is used, which allows remote attackers to access the device via eAPI.
|
|||||
| CVE-2021-28501 | 1 Arista | 1 Terminattr | 2024-11-21 | 6.9 MEDIUM | 9.1 CRITICAL |
|
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.
|
|||||
| CVE-2021-28500 | 1 Arista | 1 Eos | 2024-11-21 | 6.9 MEDIUM | 9.1 CRITICAL |
|
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.
|
|||||
| CVE-2021-28499 | 1 Arista | 2 7130, Metamako Operating System | 2024-11-21 | 2.1 LOW | 6.3 MEDIUM |
|
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user account passwords set in clear text could leak to users without any password. This issue affects: Arista Metamako Operating System MOS-0.18 and post releases in the MOS-0.1x train All releases in the MOS-0.2x train MOS-0.31.1 and prior releases in the MOS-0.3x train
|
|||||
| CVE-2021-28498 | 1 Arista | 2 7130, Metamako Operating System | 2024-11-21 | 7.2 HIGH | 8.7 HIGH |
|
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user enable passwords set in clear text could result in unprivileged users getting complete access to the systems. This issue affects: Arista Metamako Operating System MOS-0.13 and post releases in the MOS-0.1x train MOS-0.26.6 and prior releases in the MOS-0.2x train MOS-0.31.1 and prior releases in the MOS-0.3x train
|
|||||
| CVE-2021-28497 | 1 Arista | 2 7130, Metamako Operating System | 2024-11-21 | 4.6 MEDIUM | 4.4 MEDIUM |
|
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train MOS-0.26.6 and below releases in the MOS-0.2x train MOS-0.31.1 and below releases in the MOS-0.3x train
|
|||||
| CVE-2021-28496 | 1 Arista | 1 Eos | 2024-11-21 | 4.0 MEDIUM | 5.7 MEDIUM |
|
On systems running Arista EOS and CloudEOS with the affected release version, when using shared secret profiles the password configured for use by BiDirectional Forwarding Detection (BFD) will be leaked when displaying output over eAPI or other JSON outputs to other authenticated users on the device. The affected EOS Versions are: all releases in 4.22.x train, 4.23.9 and below releases in the 4.23.x train, 4.24.7 and below releases in the 4.24.x train, 4.25.4 and below releases in the 4.25.x tra ...
Show More |
|||||
| CVE-2021-28495 | 1 Arista | 2 7130, Metamako Operating System | 2024-11-21 | 6.8 MEDIUM | 7.2 HIGH |
|
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, user authentication can be bypassed when API access is enabled via the JSON-RPC APIs. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train MOS-0.13 and post releases in the MOS-0.1x train MOS-0.26.6 and below releases in the MOS-0.2x train MOS-0.31.1 and below releases in the MOS-0.3x train
|
|||||
| CVE-2021-28494 | 1 Arista | 2 7130, Metamako Operating System | 2024-11-21 | 6.5 MEDIUM | 9.6 CRITICAL |
|
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, authentication is bypassed by unprivileged users who are accessing the Web UI. This issue affects: Arista Metamako Operating System MOS-0.34.0 and prior releases
|
|||||
| CVE-2021-28493 | 1 Arista | 2 7130, Metamako Operating System | 2024-11-21 | 4.6 MEDIUM | 8.4 HIGH |
|
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, a user may be able to execute commands despite not having the privileges to do so. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train MOS-0.32.0 and prior releases
|
|||||
| CVE-2020-9015 | 1 Arista | 6 Dcs-7050cx3-32s-r, Dcs-7050cx3-32s-r Firmware, Dcs-7050qx-32s-r and 3 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices (and possibly other products) allow attackers to bypass intended TACACS+ shell restrictions via a | character. NOTE: the vendor reports that this is a configuration issue relating to an overly permissive regular expression in the TACACS+ server permitted commands
|
|||||
| CVE-2020-3702 | 3 Arista, Debian, Qualcomm | 30 Access Point, Av2, C-75 and 27 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8 ...
Show More |
|||||
| CVE-2020-26569 | 1 Arista | 47 7010t-48, 7050cx3-32s, 7050cx3m-32s and 44 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
|
In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries. This can result in traffic being discarded on the receiving VLAN. This affects versions: 4.21.12M and below releases in the 4.21.x train; 4.22.7M and below releases in the 4.22.x train; 4.23.5M and below releases in the 4.23.x train; 4.24.2F and below releases in the 4.24.x train.
|
|||||
| CVE-2020-26147 | 4 Arista, Debian, Linux and 1 more | 14 C-65, C-65 Firmware, C-75 and 11 more | 2024-11-21 | 3.2 LOW | 5.4 MEDIUM |
|
An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.
|
|||||
| CVE-2020-26146 | 3 Arista, Samsung, Siemens | 38 C-100, C-100 Firmware, C-110 and 35 more | 2024-11-21 | 2.9 LOW | 5.3 MEDIUM |
|
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.
|
|||||
| CVE-2020-26144 | 3 Arista, Samsung, Siemens | 36 C-100, C-100 Firmware, C-110 and 33 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
|
|||||
| CVE-2020-26143 | 3 Alfa, Arista, Siemens | 12 Awus036h, Awus036h Firmware, C-65 and 9 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
|
|||||
| CVE-2020-26140 | 5 Alfa, Arista, Cisco and 2 more | 388 Awus036h, Awus036h Firmware, C-100 and 385 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
|
|||||
| CVE-2020-26139 | 5 Arista, Cisco, Debian and 2 more | 330 C-100, C-100 Firmware, C-110 and 327 more | 2024-11-21 | 2.9 LOW | 5.3 MEDIUM |
|
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
|
|||||
| CVE-2020-24588 | 8 Arista, Cisco, Debian and 5 more | 350 C-100, C-100 Firmware, C-110 and 347 more | 2024-11-21 | 2.9 LOW | 3.5 LOW |
|
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
|
|||||
| CVE-2020-24587 | 6 Arista, Cisco, Debian and 3 more | 332 C-100, C-100 Firmware, C-110 and 329 more | 2024-11-21 | 1.8 LOW | 2.6 LOW |
|
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
|
|||||
| CVE-2020-24586 | 5 Arista, Debian, Ieee and 2 more | 44 C-200, C-200 Firmware, C-230 and 41 more | 2024-11-21 | 2.9 LOW | 3.5 LOW |
|
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.
|
|||||
| CVE-2020-24360 | 1 Arista | 27 7280cr2ak-30, 7280cr2k-60, 7280cr3-32d4 and 24 more | 2024-11-21 | 6.1 MEDIUM | 7.4 HIGH |
|
An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M and below releases in the 4.23.x train; 4.22.6M and below releases in the 4.22.x train.
|
|||||
| CVE-2020-24333 | 1 Arista | 1 Cloudvision Portal | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
A vulnerability in Arista’s CloudVision Portal (CVP) prior to 2020.2 allows users with “read-only” or greater access rights to the Configlet Management module to download files not intended for access, located on the CVP server, by accessing a specific API.
|
|||||
| CVE-2020-17355 | 1 Arista | 1 Eos | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
|
Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (restart of agents) by crafting a malformed DHCP packet which leads to an incorrect route being installed.
|
|||||
| CVE-2020-15898 | 1 Arista | 49 7050cx3-32s, 7050cx3m-32s, 7050qx-32s and 46 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
In Arista EOS malformed packets can be incorrectly forwarded across VLAN boundaries in one direction. This vulnerability is only susceptible to exploitation by unidirectional traffic (ex. UDP) and not bidirectional traffic (ex. TCP). This affects: EOS 7170 platforms version 4.21.4.1F and below releases in the 4.21.x train; EOS X-Series versions 4.21.11M and below releases in the 4.21.x train; 4.22.6M and below releases in the 4.22.x train; 4.23.4M and below releases in the 4.23.x train; 4.24.2.1 ...
Show More |
|||||
| CVE-2020-15897 | 1 Arista | 1 Eos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause traffic loss or incorrect forwarding of traffic via a malformed link-state PDU to the IS-IS router.
|
|||||
| CVE-2020-13881 | 4 Arista, Canonical, Debian and 1 more | 4 Cloudvision Portal, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
|
In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.
|
|||||
| CVE-2020-13100 | 1 Arista | 1 Cloudvision Exchange | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Arista’s CloudVision eXchange (CVX) server before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (crash and restart) in the ControllerOob agent via a malformed control-plane packet.
|
|||||