Vulnerabilities (CVE)

Filtered by vendor Arista Subscribe
Total 73 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-9015 1 Arista 6 Dcs-7050cx3-32s-r, Dcs-7050cx3-32s-r Firmware, Dcs-7050qx-32s-r and 3 more 2024-08-04 7.5 HIGH 9.8 CRITICAL
** DISPUTED ** Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices (and possibly other products) allow attackers to bypass intended TACACS+ shell restrictions via a | character. NOTE: the vendor reports that this is a configuration issue relating to an overly permissive regular expression in the TACACS+ server permitted commands.
CVE-2014-7169 17 Apple, Arista, Canonical and 14 more 85 Mac Os X, Eos, Ubuntu Linux and 82 more 2024-07-24 10.0 HIGH 9.8 CRITICAL
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
CVE-2014-6271 17 Apple, Arista, Canonical and 14 more 85 Mac Os X, Eos, Ubuntu Linux and 82 more 2024-07-24 10.0 HIGH 9.8 CRITICAL
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
CVE-2017-18017 9 Arista, Canonical, Debian and 6 more 29 Eos, Ubuntu Linux, Debian Linux and 26 more 2024-04-24 10.0 HIGH 9.8 CRITICAL
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
CVE-2023-24547 1 Arista 5 7130, 7130-16g3s, 7130-48g3s and 2 more 2024-02-05 N/A 6.5 MEDIUM
On affected platforms running Arista MOS, the configuration of a BGP password will cause the password to be logged in clear text that can be revealed in local logs or remote logging servers by authenticated users, as well as appear in clear text in the device’s running config.
CVE-2023-24512 1 Arista 110 32qd, 48ehs, 48lbas and 107 more 2024-02-04 N/A 6.5 MEDIUM
On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the TerminAttr agent) is enabled and gNMI access is configured on the agent. Note: This gNMI over the Streaming Telemetry Agent scenario is mostly commonly used when streaming to a 3rd party system and is not used by default when streaming to CloudVision
CVE-2023-24513 5 Amazon, Arista, Equinix and 2 more 6 Aws Marketplace, Cloudeos, Dca-200-veos and 3 more 2024-02-04 N/A 7.5 HIGH
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.
CVE-2023-24509 1 Arista 21 704x3, 7304x, 7304x3 and 18 more 2024-02-04 N/A 7.8 HIGH
On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a privilege escalation. Valid user credentials are required in order to exploit this vulnerability.
CVE-2023-24511 1 Arista 111 7010t, 7010t-48, 7010tx-48 and 108 more 2024-02-04 N/A 7.5 HIGH
On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process. This may result in the snmpd processing being terminated (causing SNMP requests to time out until snmpd is automatically restarted) and potential memory resource exhaustion for other processes on the switch. The vulnerability does not have any confidentiality or integrity impacts to the system.
CVE-2023-24546 1 Arista 1 Cloudvision Portal 2024-02-04 N/A 8.1 HIGH
On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could enable a malicious actor with network access to CloudVision to get broader access to telemetry and configuration data within the system than intended. This advisory impacts the Arista CloudVision Portal product when run on-premise. It does not impact CloudVision as-a-Service.
CVE-2023-24545 1 Arista 2 Cloudeos, Dca-200-veos 2024-02-04 N/A 7.5 HIGH
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.
CVE-2021-28510 1 Arista 77 7020r, 7050cx3-32s, 7050cx3m-32s and 74 more 2024-02-04 N/A 7.5 HIGH
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.
CVE-2021-28511 1 Arista 16 7050cx3-32s, 7050cx3m-32s, 7050sx3-48c8 and 13 more 2024-02-04 N/A 6.5 MEDIUM
This advisory documents the impact of an internally found vulnerability in Arista EOS for security ACL bypass. The impact of this vulnerability is that the security ACL drop rule might be bypassed if a NAT ACL rule filter with permit action matches the packet flow. This could allow a host with an IP address in a range that matches the range allowed by a NAT ACL and a range denied by a Security ACL to be forwarded incorrectly as it should have been denied by the Security ACL. This can enable an ACL bypass.
CVE-2022-29071 1 Arista 1 Cloudvision Portal 2024-02-04 N/A 5.5 MEDIUM
This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. The impact of this vulnerability is that the CVP user login passwords might be leaked to other authenticated users.
CVE-2021-28505 1 Arista 18 Ccs-710p-12, Ccs-710p-16p, Ccs-720xp-24y6 and 15 more 2024-02-04 5.0 MEDIUM 7.5 HIGH
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol.
CVE-2021-28508 1 Arista 45 7050cx3-32s, 7050cx3m-32s, 7050sx3-48c8 and 42 more 2024-02-04 3.6 LOW 6.1 MEDIUM
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to other authorized users, which could cause IPsec traffic to be decrypted or modified by other authorized users on the device.
CVE-2021-28504 1 Arista 18 Ccs-710p-12, Ccs-710p-16p, Ccs-720xp-24y6 and 15 more 2024-02-04 4.3 MEDIUM 7.5 HIGH
On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules ( rules declared after it in ACL ) do not match on IP protocol field as expected.
CVE-2021-28509 1 Arista 45 7050cx3-32s, 7050cx3m-32s, 7050sx3-48c8 and 42 more 2024-02-04 3.6 LOW 6.1 MEDIUM
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to other authorized users, which could cause MACsec traffic to be decrypted or modified by other authorized users on the device.
CVE-2021-28501 1 Arista 1 Terminattr 2024-02-04 6.9 MEDIUM 7.8 HIGH
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.
CVE-2021-28499 1 Arista 2 7130, Metamako Operating System 2024-02-04 2.1 LOW 5.5 MEDIUM
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user account passwords set in clear text could leak to users without any password. This issue affects: Arista Metamako Operating System MOS-0.18 and post releases in the MOS-0.1x train All releases in the MOS-0.2x train MOS-0.31.1 and prior releases in the MOS-0.3x train