4 matches found
CVE-2023-24512
The CVE-2023-24512 issue affects Arista EOS running with the Streaming Telemetry Agent (TerminAttr) enabled and gNMI access configured. An authorized attacker with gNMI permissions could craft a request to update arbitrary switch configurations, under conditions where TerminAttr is present and gR...
CVE-2023-24513
CVE-2023-24513 affects Arista CloudEOS Sfe in multiple CloudEOS trains. The issue is a size-check bypass in the Software Forwarding Engine that can lead to buffer over-reads and, depending on options, TCP checksum recomputation, potentially enabling DoS via malformed packets and packet-buffer lea...
CVE-2023-24545
CVE-2023-24545 affects Arista CloudEOS, with a vulnerability in the Software Forwarding Engine (Sfe) that can cause a denial-of-service by sending malformed packets to the switch. The advisory lists multiple affected CloudEOS trains and versions: CloudEOS 4.29.1F and below (4.29.x), 4.28.4M and b...
CVE-2020-11622
The CVE concerns Arista CloudEOS VM / vEOS Router code when TCP MSS options are configured. Affected releases include CloudEOS VM / vEOS Router: 4.23.2M and below in 4.23.x, 4.22.4M and below in 4.22.x, 4.21.3M–4.21.9M in 4.21.x, plus special builds 4.21.3FX-7368., 4.21.4-FCRFX. , 4.21.4.1, 4.21....