Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2019-14810
HistoryOct 10, 2019 - 7:15 p.m.

CVE-2019-14810

2019-10-1019:15:10
CWE-362
mitre
web.nvd.nist.gov
80
eos
ldp
dos
cve-2019-14810
security vulnerability
denial of service
out of memory

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

45.6%

JSON

A vulnerability has been found in the implementation of the Label Distribution Protocol (LDP) protocol in EOS. Under race conditions, the LDP agent can establish an LDP session with a malicious peer potentially allowing the possibility of a Denial of Service (DoS) attack on route updates and in turn potentially leading to an Out of Memory (OOM) condition that is disruptive to traffic forwarding. Affected EOS versions include: 4.22 release train: 4.22.1F and earlier releases 4.21 release train: 4.21.0F - 4.21.2.3F, 4.21.3F - 4.21.7.1M 4.20 release train: 4.20.14M and earlier releases 4.19 release train: 4.19.12M and earlier releases End of support release trains (4.18 and 4.17)

Affected configurations

Nvd
Node
aristaextensible_operating_systemRange4.194.19.12m
OR
aristaextensible_operating_systemRange4.204.20.14m
OR
aristaextensible_operating_systemRange4.21.0f4.21.2.3f
OR
aristaextensible_operating_systemRange4.21.3f4.21.7
OR
aristaextensible_operating_systemMatch4.17
OR
aristaextensible_operating_systemMatch4.18
OR
aristaextensible_operating_systemMatch4.22.1f
AND
arista7020rMatch-
OR
arista7280eMatch-
OR
arista7280rMatch-
OR
arista7280r2Match-
OR
arista7280r3Match-
OR
arista7500eMatch-
OR
arista7500rMatch-
OR
arista7500r2Match-
OR
arista7500r3Match-
VendorProductVersionCPE
aristaextensible_operating_system*cpe:2.3:o:arista:extensible_operating_system:*:*:*:*:*:*:*:*
aristaextensible_operating_system4.17cpe:2.3:o:arista:extensible_operating_system:4.17:*:*:*:*:*:*:*
aristaextensible_operating_system4.18cpe:2.3:o:arista:extensible_operating_system:4.18:*:*:*:*:*:*:*
aristaextensible_operating_system4.22.1fcpe:2.3:o:arista:extensible_operating_system:4.22.1f:*:*:*:*:*:*:*
arista7020r-cpe:2.3:h:arista:7020r:-:*:*:*:*:*:*:*
arista7280e-cpe:2.3:h:arista:7280e:-:*:*:*:*:*:*:*
arista7280r-cpe:2.3:h:arista:7280r:-:*:*:*:*:*:*:*
arista7280r2-cpe:2.3:h:arista:7280r2:-:*:*:*:*:*:*:*
arista7280r3-cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*
arista7500e-cpe:2.3:h:arista:7500e:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 131

Related

nessus 1
prion 1
nvd 1
cvelist 1
arista 1
nessus
nessus
Arista Networks EOS LDP DoS (SA0042)
2020-03-11 00:00:00
prion
prion
Race condition
2019-10-10 19:15:00
nvd
nvd
CVE-2019-14810
2019-10-10 19:15:10
cvelist
cvelist
CVE-2019-14810
2019-10-10 18:07:51
arista
arista
Security Advisory 0042
2019-10-09 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

45.6%

JSON
Related for CVE-2019-14810
nessus1prion1nvd1cvelist1arista1