Eos@* Security Vulnerabilities and Issues — Eos@* CVE List

Lucene search

AristaEos*

4 matches found

CVE•added 2022/01/14 8:15 p.m.•48 views

CVE-2021-28500

An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.

9.1CVSS7.7AI score0.00312EPSS

CVE•added 2023/01/26 9:15 p.m.•40 views

CVE-2021-28510

For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.

7.5CVSS6.2AI score0.00224EPSS

CVE•added 2018/04/12 9:29 p.m.•39 views

CVE-2018-5254

Arista EOS before 4.20.2F allows remote BGP peers to cause a denial of service (Rib agent restart) via a malformed path attribute in an UPDATE message.

7.5CVSS7.3AI score0.00598EPSS

CVE•added 2020/10/26 4:15 p.m.•30 views

CVE-2020-15897

Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause traffic loss or incorrect forwarding of traffic via a malformed link-state PDU to the IS-IS router.

7.5CVSS7.5AI score0.00691EPSS