818 matches found
Arista EOS 安全漏洞
Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS, which occurs when, under certain conditions, physical interface fluctuations and proxy restarts may cause the IPsec...
Arista EOS 安全漏洞
Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS, which arises due to the lack of verification of the tunnel protocol type during tunnel decapsulation configurations...
CVE-2025-8873
On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, and attempt to reset the IPsec processing pipeline. After reset traffic may not resume being...
CVE-2024-27892
Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...
CVE-2024-27891
On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports. This can cause outgoing packets to incorrectly be allowed or denied...
CVE-2024-27890
Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...
CVE-2023-5502
On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to bypass the requirement to perform 802.1x authentication...
CVE-2025-8873 Arista EOS Dataplane Denial of Service via Malformed IPsec Packet
On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, and attempt to reset the IPsec processing pipeline. After reset traffic may not resume being...
CVE-2025-8873
CVE-2025-8873 affects Arista EOS with IPsec enabled: a specially crafted packet can stop dataplane processing of all IPsec traffic, with control plane detecting and resetting the IPsec pipeline; after reset, IPsec traffic may not resume. Non-IPsec traffic is unaffected. Affected EOS releases incl...
CVE-2025-8873 Arista EOS Dataplane Denial of Service via Malformed IPsec Packet
On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, and attempt to reset the IPsec processing pipeline. After reset traffic may not resume being...
CVE-2023-5502 On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, a malicious supplicant may bypass authentication.
On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to bypass the requirement to perform 802.1x authentication...
CVE-2023-5502 On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, a malicious supplicant may bypass authentication.
On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to bypass the requirement to perform 802.1x authentication...
CVE-2024-27892 On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (SSL Profiles Enabled).
Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...
CVE-2024-27892 On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (SSL Profiles Enabled).
Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...
CVE-2024-27892
Arista CVE-2024-27892 affects Arista EOS platforms running OpenConfig, where a gNMI Set request can be allowed when it should be rejected, enabling unexpected configuration changes. Impact is elevated integrity/availability risk under network attack vectors; OpenConfig must be enabled with SSL pr...
CVE-2024-27890 On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (No SSL Profiles Enabled).
Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...
CVE-2024-27890 On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (No SSL Profiles Enabled).
Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...
CVE-2024-27890
CVE-2024-27890 affects Arista EOS platforms with OpenConfig enabled; a gNMI Set request can be accepted when it should be rejected, causing unexpected configuration changes. Affected EOS versions include 4.29.x (≤4.29.7M), 4.28.x (≤4.28.10M), 4.27.x (≤4.27.8M), 4.26.x (≤4.26.9M), 4.25.x (≤4.25.10...
CVE-2024-27891 On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports.
On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports. This can cause outgoing packets to incorrectly be allowed or denied...
CVE-2024-27891
Arista CVE-2024-27891 affects EOS platforms where MACsec and outbound egress ACLs are on the same interface, potentially causing ACL policies to not be enforced for egress packets. Affected EOS releases include 4.32.x (4.32.0.1F and below), 4.31.x (4.31.2F and below), 4.30.x (4.30.6M and below), ...