CVE-2018-5255 — EOS vulnerability

3 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.6%

top 30.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Arista EOS

Timeline

PublishedMar 5

Latest updateMay 13

Description

The Mlag agent in Arista EOS 4.19 before 4.19.4M and 4.20 before 4.20.2F allows remote attackers to cause a denial of service (agent restart) via crafted UDP packets.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

▶NVDarista/eos4.19 — 4.19.4m+1

Patches

Patch: www.arista.com ↗Patch: www.arista.com ↗

🔴Vulnerability Details

GHSA

GHSA-jf47-qj6f-fq8j: The Mlag agent in Arista EOS 4↗2022-05-13

▶

CVEList

CVE-2018-5255: The Mlag agent in Arista EOS 4↗2018-03-05

▶