CVE-2023-24545 On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch.

🗓️ 12 Apr 2023 00:00:00Reported by AristaType

Arista CloudEOS denial of service vulnerability

Reporter	Title	Published	Views	Family All 10
Arista	Security Advisory 0085	11 Apr 202300:00	–	arista
Circl	CVE-2023-24545	13 Apr 202300:24	–	circl
CNNVD	Arista Networks CloudEOS 资源管理错误漏洞	12 Apr 202300:00	–	cnnvd
CVE	CVE-2023-24545	12 Apr 202300:00	–	cve
EUVD	EUVD-2023-28561	3 Oct 202520:07	–	euvd
NVD	CVE-2023-24545	12 Apr 202321:15	–	nvd
OSV	CVE-2023-24545	12 Apr 202321:15	–	osv
Prion	Design/Logic Flaw	12 Apr 202321:15	–	prion
Positive Technologies	PT-2023-19682 · Arista · Arista Cloudeos	12 Apr 202300:00	–	ptsecurity
Vulnrichment	CVE-2023-24545 On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch.	12 Apr 202300:00	–	vulnrichment

[
  {
    "vendor": "Arista Networks",
    "product": "EOS",
    "versions": [
      {
        "version": "4.29.0",
        "status": "affected",
        "lessThanOrEqual": "4.29.1F",
        "versionType": "custom"
      },
      {
        "version": "4.28.0",
        "status": "affected",
        "lessThanOrEqual": "4.28.4M",
        "versionType": "custom"
      },
      {
        "version": "4.27.0",
        "status": "affected",
        "lessThanOrEqual": "4.27.7M",
        "versionType": "custom"
      },
      {
        "version": "4.26.8M",
        "status": "affected",
        "lessThanOrEqual": "4.26.8M",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
arista	www.arista.com/en/support/advisories-notices/security-advisory/17240-security-advisory-0085

12 Apr 2023 00:00Current

7.5High risk

Vulners AI Score7.5

CVSS 3.17.5

EPSS0.00457

CWE-400