10 matches found
PT-2025-34703
Name of the Vulnerable Software and Affected Versions: Arista EOS affected versions not specified Description: Maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for...
PT-2025-23040 · Arista · Arista Eos
Name of the Vulnerable Software and Affected Versions: Arista EOS affected versions not specified Description: The issue affects Arista EOS with IPsec enabled and anti-replay protection configured on platforms with hardware IPSec support. In specific cases, EOS may exhibit unexpected behavior,...
PT-2025-23043 · Arista · Arista Eos
Name of the Vulnerable Software and Affected Versions: Arista EOS affected versions not specified Description: On affected platforms running Arista EOS, ACL policies may not be enforced. This issue affects IPv4 ingress ACL, MAC ingress ACL, or IPv6 standard ingress ACL enabled on one or more...
CVE-2018-14008
Arista EOS through 4.21.0F allows a crash because 802.1x authentication is mishandled...
Security Advisory 0118
Security Advisory 0118 . CSAF PDF Date: May 20, 2025 Revision | Date | Changes ---|---|--- 1.0 | May 20, 2025 | Initial release The CVE-ID tracking this issue: CVE-2024-11185 CVSSv3.1 Base Score: 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Common Weakness Enumeration: CWE-1189: Improper...
CVE-2025-0936
On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server credentials to be logged or accounted on the local EOS device or possibly on other remote accounting servers i.e...
PT-2025-20409 · Arista · Arista Eos
Name of the Vulnerable Software and Affected Versions: Arista EOS affected versions not specified Description: The issue affects Arista EOS platforms with Traffic Policies configured, causing received untagged packets to bypass Traffic Policy rules. As a result, packets that should be dropped...
PT-2025-20313 · Arista · Arista Eos
Name of the Vulnerable Software and Affected Versions: Arista EOS affected versions not specified Description: On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server...
PT-2023-25577 · Arista · Arista Eos
Name of the Vulnerable Software and Affected Versions: Arista EOS affected versions not specified Description: On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload. This issue was...
PT-2023-19659 · Arista · Arista Eos
Name of the Vulnerable Software and Affected Versions: Arista EOS affected versions not specified Description: An authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the...