CVSS3: 6.5 Medium

Metric | Value |
---|---|
Attack Vector | ADJACENT_NETWORK |
Attack Complexity | LOW |
Privileges Required | NONE |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | HIGH |
Integrity Impact | NONE |
Availability Impact | NONE |

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS2: 3.3 Low

Metric | Value |
---|---|
Access Vector | ADJACENT_NETWORK |
Access Complexity | LOW |
Authentication | NONE |
Confidentiality Impact | PARTIAL |
Integrity Impact | NONE |
Availability Impact | NONE |

Vector: AV:A/AC:L/Au:N/C:P/I:N/A:N

EPSS: 0.001 Low (Percentile: 29.5%)

Revision | Date | Changes |
---|---|---|
1.0 | December 16th, 2020 | Initial Release |
The CVE-ID tracking this issue is: CVE-2020-3702
CVSSv3.1 Base Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
This advisory documents the impact of a vulnerability in the 2.4GHz radios of Arista Wireless Access Points (APs). Not all systems are impacted; please refer to the “Affected Platforms” and “Symptoms” sections below for the specific configuration required to be vulnerable.
The effect of this vulnerability is that, under certain conditions, APs configured to use the WPA2 or the WPA/WPA2 mixed-mode encryption standards may temporarily transmit Wi-Fi traffic without encryption. Please note that Wi-Fi traffic which is encrypted at higher layers (e.g. a TLS connection) by edge devices (e.g. desktops, phones, etc.) will remain encrypted by the application layer’s encryption.
This vulnerability is applicable if all of the following conditions are matched:
Details on how to determine if these settings apply can be found under “Symptoms”.
This vulnerability is NOT applicable if any one (or more) of the following conditions are matched:
Arista is not aware of any malicious uses of this issue in customer networks.
The following checks can be performed on the AP to determine if this vulnerability is applicable.
Example:
Note: Please refer to the “Affected Platforms” section below for the list of affected models.
2) Confirm whether any SSID has been configured to operate in the 2.4GHz band.
Example (GHz highlighted in yellow):
Example (the following SSID is configured to operate in both the 2.4GHz and 5GHz bands; this is also an example of a vulnerable configuration):
3) Confirm the encryption standard configured for the 2.4GHz SSID(s):
Example(s):
Note: As observed in the above examples, this vulnerability is applicable if either WPA2 mode or WPA/WPA2 mixed mode security standards are configured for the 2.4GHz SSID(s).
Example:
Affected Software
Affected Platforms
Please note that the affected AP models mentioned in the above list have reached the end of sale. However, these AP models are under active support until 2023.
Any one of the following workarounds can be leveraged to mitigate the issue:
Example:
For the final resolution, please refer to the next section which lists the details of the remediated software versions.
This vulnerability is being tracked by Bug 519647. The recommended resolution is to upgrade to a remediated Wi-Fi version. The vulnerability has been fixed in the following AP Build versions:
For instructions on how to upgrade APs, please refer to the following resources:
If you require further assistance, or if you have any further questions regarding this security notice, please contact the Arista Networks Technical Assistance Center (TAC) by one of the following methods:
By email:
By telephone: 408-547-5502
866-476-0000