Lucene search

AristaCVELIST:CVE-2023-3646

HistoryAug 29, 2023 - 4:31 p.m.

CVE-2023-3646 On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.

2023-08-2916:31:57

CWE-125

Arista

www.cve.org

cve-2023-3646

arista eos

multiple destinations

kernel panic

system reload

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0005 Low

EPSS

Percentile

17.1%

JSON

On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "EOS",
    "vendor": "Arista Networks",
    "versions": [
      {
        "lessThanOrEqual": "4.28.5.1M ",
        "status": "affected",
        "version": "4.28.2F",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "4.29.1F",
        "status": "affected",
        "version": "4.29.0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.arista.com/en/support/advisories-notices/security-advisory/18042-security-advisory-0088

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for CVELIST:CVE-2023-3646