arista eos - vulnerabilities and exploits
7.5
CVSSv3
CVE-2021-28510
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.
Arista Eos
7.5
CVSSv3
CVE-2021-28505
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.
Arista Eos
7.5
CVSSv3
CVE-2021-28504
On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules (rules declared after it in ACL) do not match on IP protocol field a...
Arista Eos
7.5
CVSSv3
CVE-2020-15897
Arista EOS prior to 4.21.12M, 4.22.x prior to 4.22.7M, 4.23.x prior to 4.23.5M, and 4.24.x prior to 4.24.2F allows remote malicious users to cause traffic loss or incorrect forwarding of traffic via a malformed link-state PDU to the IS-IS router.
Arista Eos
7.5
CVSSv3
CVE-2020-17355
Arista EOS prior to 4.21.12M, 4.22.x prior to 4.22.7M, 4.23.x prior to 4.23.5M, and 4.24.x prior to 4.24.2F allows remote malicious users to cause a denial of service (restart of agents) by crafting a malformed DHCP packet which leads to an incorrect route being installed.
Arista Eos
7.5
CVSSv3
CVE-2020-11622
A vulnerability exists in Arista’s Cloud EOS VM / vEOS 4.23.2M and below releases in the 4.23.x train, 4.22.4M and below releases in the 4.22.x train, 4.21.3M to 4.21.9M releases in the 4.21.x train, 4.21.3FX-7368.*, 4.21.4-FCRFX.*, 4.21.4.1, 4.21.7.1, 4.22.2.0.1, 4.22.2.2....
Arista Cloudeos 4.21.3fx-7368
Arista Cloudeos
Arista Cloudeos 4.21.4-fcrfx
Arista Cloudeos 4.21.4.1
Arista Cloudeos 4.21.7.1
Arista Cloudeos 4.22.2.0.1
Arista Cloudeos 4.22.2.2.1
Arista Cloudeos 4.22.3.1
Arista Cloudeos 4.23.2.1
Arista Veos 4.21.3fx-7368
Arista Veos
Arista Veos 4.21.4-fcrfx
Arista Veos 4.21.4.1
Arista Veos 4.21.7.1
Arista Veos 4.22.2.0.1
Arista Veos 4.22.2.2.1
Arista Veos 4.22.3.1
Arista Veos 4.23.2.1
7.5
CVSSv3
CVE-2019-18948
An issue was found in Arista EOS. Specific malformed ARP packets can impact the software forwarding of VxLAN packets. This issue is found in Arista’s EOS VxLAN code, which can allow malicious users to crash the VxlanSwFwd agent. This affects EOS 4.21.8M and below releases i...
Arista Eos 4.15
Arista Eos 4.16
Arista Eos 4.17
Arista Eos 4.18
Arista Eos 4.19
Arista Eos 4.20
Arista Eos
7.5
CVSSv3
CVE-2019-17596
Go prior to 1.12.11 and 1.3.x prior to 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.
Golang Go
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Enterprise Linux 8.0
Redhat Developer Tools 1.0
Redhat Enterprise Linux Server 8.1
Opensuse Leap 15.0
Opensuse Leap 15.1
Arista Mos
Arista Eos
Arista Cloudvision Portal 2019.1.2
Arista Cloudvision Portal 2019.1.1
Arista Cloudvision Portal 2019.1.0
Arista Cloudvision Portal
Arista Terminattr
1 Github repository
7.5
CVSSv3
CVE-2018-5254
Arista EOS prior to 4.20.2F allows remote BGP peers to cause a denial of service (Rib agent restart) via a malformed path attribute in an UPDATE message.
Arista Eos
7.5
CVSSv3
CVE-2016-6894
Arista EOS 4.15 prior to 4.15.8M, 4.16 prior to 4.16.7M, and 4.17 prior to 4.17.0F on DCS-7050 series devices allow remote malicious users to cause a denial of service (device reboot) by sending crafted packets to the control plane.
Arista Dcs-7050t Eos Software
Arista Dcs-7050q Eos Software
Arista Dcs-7050s Eos Software