CVE-2020-17355

Published: Oct 21, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (restart of agents) by crafting a malformed DHCP packet which leads to an incorrect route being installed.

Affected (4)

Products: Arista: Eos

Arista

1 product

Eos

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Arista Eos	From 4.21.0 to 4.21.12m
Arista Eos	From 4.22 to 4.22.7m
Arista Eos	From 4.23 to 4.23.5m
Arista Eos	From 4.24.0 to 4.24.2f

References (2)

https://www.arista.com/en/support/advisories-notices/security-advisories/11759-security-advisory-53

Source: cve@mitre.org

Vendor Advisory

https://www.arista.com/en/support/advisories-notices/security-advisories/11759-security-advisory-53

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.