Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arista eos vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2021-28506
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device.
Arista Eos
7.4
CVSSv3
CVE-2020-24360
An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M...
Arista Eos
7.5
CVSSv3
CVE-2023-3646
On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.
Arista Eos
7.5
CVSSv3
CVE-2021-28510
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.
Arista Eos
7.5
CVSSv3
CVE-2018-5254
Arista EOS prior to 4.20.2F allows remote BGP peers to cause a denial of service (Rib agent restart) via a malformed path attribute in an UPDATE message.
Arista Eos
6.5
CVSSv3
CVE-2018-5255
The Mlag agent in Arista EOS 4.19 prior to 4.19.4M and 4.20 prior to 4.20.2F allows remote malicious users to cause a denial of service (agent restart) via crafted UDP packets.
Arista Eos
6.5
CVSSv3
CVE-2021-28496
On systems running Arista EOS and CloudEOS with the affected release version, when using shared secret profiles the password configured for use by BiDirectional Forwarding Detection (BFD) will be leaked when displaying output over eAPI or other JSON outputs to other authenticated...
Arista Eos
7.8
CVSSv3
CVE-2021-28500
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.
Arista Eos
7.5
CVSSv3
CVE-2020-17355
Arista EOS prior to 4.21.12M, 4.22.x prior to 4.22.7M, 4.23.x prior to 4.23.5M, and 4.24.x prior to 4.24.2F allows remote malicious users to cause a denial of service (restart of agents) by crafting a malformed DHCP packet which leads to an incorrect route being installed.
Arista Eos
6.5
CVSSv3
CVE-2015-5239
Integer overflow in the VNC display driver in QEMU prior to 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.
Qemu Qemu
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Server 12
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Desktop 12
Arista Eos 4.15
Arista Eos 4.14
Arista Eos 4.13
Arista Eos 4.12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »