CVE-2020-17355EOS vulnerability

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.6%
top 31.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Arista EOS
Timeline
PublishedOct 21
Latest updateMay 24

Description

Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (restart of agents) by crafting a malformed DHCP packet which leads to an incorrect route being installed.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDarista/eos4.21.04.21.12m+3

🔴Vulnerability Details

2
GHSA
GHSA-jp7j-xv2r-4c7j: Arista EOS before 42022-05-24
CVEList
CVE-2020-17355: Arista EOS before 42020-10-21
CVE-2020-17355 — Arista EOS vulnerability | cvebase