CVE-2023-24511

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-24511
On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process. This may result in the snmpd processing being terminated (causing SNMP requests to time out until snmpd is automatically restarted) and potential memory resource exhaustion for other processes on the switch. The vulnerability does not have any confidentiality or integrity impacts to the system.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.arista.com/en/support/advisories-notices/security-advisory/17239-security-advisory-0084 Exploit Patch Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
OR cpe:2.3:a:arista:ceos-lab:-:*:*:*:*:*:*:*
cpe:2.3:a:arista:cloudeos:-:*:*:*:*:*:*:*
cpe:2.3:a:arista:veos-lab:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7010t:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7010t-48:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7010tx-48:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7010tx-48-dc:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7020sr-24c2:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7020sr-32c2:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7020tr-48:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7020tra-48:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050qx-32s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050qx2-32s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050sx-128:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050sx-64:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050sx-72q:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050sx2-128:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050sx2-72q:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050tx-48:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050tx-64:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050tx-72q:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050tx2-128:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7060cx-32s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7060cx2-32s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7060dx4-32:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7060px4-32:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7060sx2-48yc6:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7150s-24:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7150s-52:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7150s-64:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7150sc-24:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7150sc-64:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7160-32cq:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7160-48tc6:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7160-48yc6:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7170-32c:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7170-32cd:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7170-64c:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7170b-64c:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:720df-48y:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:720dp-24s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:720dp-48s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:720dt-24s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:720dt-48s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:720dt-48y:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:720xp-24y6:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:720xp-24zy4:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:720xp-48y6:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:720xp-48zc2:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:720xp-96zc2:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:722xpm-48y4:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:722xpm-48zy8:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7250qx-64:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7260cx:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7260cx3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7260cx3-64:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7260qx:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7260qx-64:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr2ak-30:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr2k-60:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3k-32d4:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3k-32p4:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3k-96:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3k-24:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280e:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280pr3k-24:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280r:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280r2:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7300x-32q:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7300x-64s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7300x-64t:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7300x3-32c:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7300x3-48yc4:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7304:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7308:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7316:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7320x-32c:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7368x4:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7388x5:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500e:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r2:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:ccs-750x-48thp:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:ccs-750x-48tp:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:ccs-750x-48zp:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:ccs-750x-48zxp:-:*:*:*:*:*:*:*
History

21 Apr 2023, 14:27

Type Values Removed Values Added
New CVE
Information

Published : 2023-04-12 21:15

Updated : 2024-02-04 23:37

NVD link : CVE-2023-24511

Mitre link : CVE-2023-24511

CVE.ORG link : CVE-2023-24511

JSON object : View

Products Affected

arista

  • 7500r2
  • 7300x-64s
  • 7388x5
  • ccs-750x-48zxp
  • 722xpm-48y4
  • 7050sx3-48yc
  • 720xp-48zc2
  • 7280cr3k-32d4
  • 7260cx
  • 720dt-48s
  • 7280e
  • 7050tx-48
  • 7170-64c
  • 7150s-52
  • 7280sr3k-48yc8
  • 7300x-32q
  • 7050sx3-48yc12
  • 7300x3-48yc4
  • 7060sx2-48yc6
  • eos
  • 7250qx-64
  • 7260cx3
  • 7308
  • 722xpm-48zy8
  • 7280r3
  • 7500r3-36cq
  • 7150sc-64
  • 720dp-48s
  • 7800r3-36p
  • 7010tx-48-dc
  • 720xp-48y6
  • 7320x-32c
  • 7280r
  • 7050tx-64
  • 7050sx3-48yc8
  • 720xp-24y6
  • 7800r3-48cq
  • 720dt-48y
  • 7050cx3-32s
  • 7150sc-24
  • 7500r3-24p
  • 7800r3k-48cq
  • ccs-750x-48tp
  • 7050sx-64
  • 7050qx-32s
  • 7160-32cq
  • 7170-32cd
  • 7020tra-48
  • 7050tx3-48c8
  • 7500r3
  • 720dp-24s
  • 7050sx2-128
  • 7280pr3k-24
  • 7050cx3m-32s
  • 7050tx-72q
  • 7260qx
  • 7050sx3-96yc8
  • 7260qx-64
  • 7500e
  • 7170-32c
  • 7300x3-32c
  • 7280dr3k-24
  • 7304
  • 7020tr-48
  • 7060cx2-32s
  • 720df-48y
  • 7316
  • 7280cr3-96
  • 7280sr3-48yc8
  • 7280cr3k-32p4
  • 7170b-64c
  • 7280cr3-32p4
  • 7500r3-24d
  • 7280r2
  • 720xp-96zc2
  • 7280cr2k-60
  • 7150s-64
  • 7280cr2ak-30
  • 7060px4-32
  • ceos-lab
  • 7500r3k-36cq
  • 7280cr3k-96
  • 7280pr3-24
  • ccs-750x-48thp
  • 7010tx-48
  • 7010t
  • ccs-750x-48zp
  • 7050sx-128
  • 720xp-24zy4
  • 7050tx2-128
  • 7060cx-32s
  • 7020sr-24c2
  • 7050sx-72q
  • 7300x-64t
  • 7160-48yc6
  • 7260cx3-64
  • 7020sr-32c2
  • 7280cr3-32d4
  • veos-lab
  • 7050sx2-72q
  • 7160-48tc6
  • 7368x4
  • 7050sx3-48c8
  • 7500r
  • 7280dr3-24
  • 7150s-24
  • 7060dx4-32
  • cloudeos
  • 7010t-48
  • 7050qx2-32s
  • 720dt-24s
CWE
CWE-401

Missing Release of Memory after Effective Lifetime