Arista Networks Eos vulnerabilities
27 known vulnerabilities affecting arista_networks/eos.
Total CVEs
27
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH12MEDIUM11LOW2
Vulnerabilities
Page 2 of 2
CVE-2023-24513HIGHCVSS 7.5≥ 4.29.0, ≤ 4.29.1F≥ 4.28.0, ≤ 4.28.5M+2 more2023-04-12
CVE-2023-24513 [HIGH] CWE-126 CVE-2023-24513: On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can l
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.
cvelistv5nvd
CVE-2021-28510HIGHCVSS 7.5v4.22≥ 4.27.1, ≤ 4.27.0+4 more2023-01-26
CVE-2021-28510 [HIGH] CWE-400 CVE-2021-28510: For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling me
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.
cvelistv5nvd
CVE-2021-28511MEDIUMCVSS 6.5≥ 4.24.0, ≤ 4.24.9≥ 4.25.0, ≤ 4.25.8+2 more2022-08-05
CVE-2021-28511 [MEDIUM] CWE-284 CVE-2021-28511: This advisory documents the impact of an internally found vulnerability in Arista EOS for security A
This advisory documents the impact of an internally found vulnerability in Arista EOS for security ACL bypass. The impact of this vulnerability is that the security ACL drop rule might be bypassed if a NAT ACL rule filter with permit action matches the packet flow. This could allow a host with an IP address in a range that matches the range allowed
cvelistv5nvd
CVE-2021-28505HIGHCVSS 7.5≥ 4.26.3M, ≤ 4.26.0≥ 4.27.0F, ≤ 4.27.02022-04-14
CVE-2021-28505 [HIGH] CWE-284 CVE-2021-28505: On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applie
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.
cvelistv5nvd
CVE-2021-28504HIGHCVSS 7.5≥ 4.26.3F, ≤ 4.26.0≥ 4.27.0F, ≤ 4.27.02022-04-01
CVE-2021-28504 [HIGH] CWE-284 CVE-2021-28504: On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-lis
On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules ( rules declared after it in ACL ) do not match on IP protocol field as expected.
cvelistv5nvd
CVE-2021-28506CRITICALCVSS 9.1≥ 4.26.2F, ≤ 4.26.0≥ 4.25.5.1M, ≤ 4.25.5+3 more2022-01-14
CVE-2021-28506 [CRITICAL] CWE-285 CVE-2021-28506: An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authori
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of the device.
cvelistv5nvd
CVE-2021-28507HIGHCVSS 7.1v4.22.x≥ 4.26.2F, ≤ 4.26.0+6 more2022-01-14
CVE-2021-28507 [HIGH] CWE-284 CVE-2021-28507: An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL
An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfig gNOI and OpenConfig RESTCONF might be bypassed, which results in the denied requests being forwarded to the agent.
cvelistv5nvd
← Previous2 / 2