CVE-2023-24545
published 2023-04-12CVE-2023-24545: On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending…
PriorityP337high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.78%
51.1th percentile
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arista | cloudeos | >= 4.26.0 < 4.26.9m | 4.26.9m |
| arista | cloudeos | >= 4.27.0 < 4.27.8m | 4.27.8m |
| arista | cloudeos | >= 4.28.0 < 4.28.5m | 4.28.5m |
| arista | cloudeos | >= 4.29.0 < 4.29.2f | 4.29.2f |
| arista_networks | eos | 4.26.8M – 4.26.8M | — |
| arista_networks | eos | 4.27.0 – 4.27.7M | — |
| arista_networks | eos | 4.28.0 – 4.28.4M | — |
| arista_networks | eos | 4.29.0 – 4.29.1F | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-04-12
Published