cbcvebase.
CVE-2020-24360
published 2020-12-28

CVE-2020-24360: An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed…

PriorityP433high7.4CVSS 3.1
AVAACLPRNUINSCCNINAH
EPSS
0.65%
46.6th percentile
An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M and below releases in the 4.23.x train; 4.22.6M and below releases in the 4.22.x train.

Affected

3 ranges
VendorProductVersion rangeFixed in
aristaeos4.22.0f – 4.22.6m
aristaeos4.23.0f – 4.23.4m
aristaeos4.24.0f – 4.24.2.4f

CVSS provenance

nvdv3.17.4HIGHCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
nvdv2.06.1MEDIUMAV:A/AC:L/Au:N/C:N/I:N/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.