Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arista vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-24548
On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation ...
Arista Eos
Arista Eos 4.25.0f
356
VMScore
CVE-2015-5745
Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU prior to 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.
Qemu Qemu
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Arista Eos 4.12
Arista Eos 4.13
Arista Eos 4.14
Arista Eos 4.15
668
VMScore
CVE-2020-9015
Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices (and possibly other products) allow malicious users to bypass intended TACACS+ shell restrictions via a | character. NOTE: the vendor reports that this is a configuration issue ...
Arista Dcs-7050qx-32s-r Firmware 4.20.9m
Arista Dcs-7050cx3-32s-r Firmware 4.20.11m
Arista Dcs-7280sram-48c6-r Firmware 4.22.0.1f
445
VMScore
CVE-2019-17596
Go prior to 1.12.11 and 1.3.x prior to 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.
Golang Go
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Enterprise Linux 8.0
Redhat Developer Tools 1.0
Redhat Enterprise Linux Server 8.1
Opensuse Leap 15.0
Opensuse Leap 15.1
Arista Mos
Arista Eos
Arista Cloudvision Portal 2019.1.2
Arista Cloudvision Portal 2019.1.1
Arista Cloudvision Portal 2019.1.0
Arista Cloudvision Portal
Arista Terminattr
1 Github repository
356
VMScore
CVE-2015-5278
The ne2000_receive function in hw/net/ne2000.c in QEMU prior to 2.4.0.1 allows malicious users to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
Qemu Qemu
Fedoraproject Fedora 21
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Arista Eos 4.12
Arista Eos 4.13
Arista Eos 4.14
Arista Eos 4.15
NA
CVE-2023-3646
On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.
Arista Eos
837
VMScore
CVE-2021-28506
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device.
Arista Eos
NA
CVE-2023-24545
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switc...
Arista Cloudeos
NA
CVE-2023-24509
On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a privilege escalation. Val...
Arista Eos
NA
CVE-2023-24510
On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.
Arista Eos
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »